News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Microsoft surreptitiously adds telemetry functionality to July 2019 Win7 Security-only patch

    Home Forums AskWoody blog Microsoft surreptitiously adds telemetry functionality to July 2019 Win7 Security-only patch

    This topic contains 124 replies, has 44 voices, and was last updated by  anonymous 1 week, 5 days ago.

    • Author
      Posts
    • #1873339 Reply

      PKCano
      Da Boss

      Unannounced, Microsoft has added telemetry functionality to the July 2019 Security-only Update for Windows 7 KB4507456. Alerted on Patch Tuesday by an
      [See the full post at: Microsoft surreptitiously adds telemetry functionality to July 2019 Win7 Security-only patch]

      Total of 26 users thanked author for this post. Here are last 20 listed.
    • #1873352 Reply

      PKCano
      Da Boss

      Remember, we are at DEFCON-2 = wait to install updates.

      For those of you in Group B who install KB4507456, see @abbodi86 ‘s instructions:

      AKB2000012 – Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model

      We still don’t know if the telemetry functionality will be included in only this one patch, or if it will be included in future Security-only updates. That may be answered with the August updates.

      8 users thanked author for this post.
    • #1873353 Reply

      T
      AskWoody Plus

      Never underestimate the ability of Microsoft to s***w over its users, many of us were installing the security only precisely to avoid this spyware. Can anyone confirm that this update does indeed install the known telemetry services like diagtrack? It’s easily disabled I know, I’ve disabled several of the previously known scheduled tasks that abbodi86 has helpfully listed.

      2 users thanked author for this post.
      • #1873357 Reply

        PKCano
        Da Boss

        The monthly rollup had been carrying already
        the “Unified Telemetry Client” since since October 2016 preview rollup, and the “Compatibility Appraiser” since September 2018 preview rollup

        security-only update KB4507456 only have the second payload (Appraiser)

        See #1873085. The user went ahead and installed July patches.

        • #1873370 Reply

          T
          AskWoody Plus

          Yes, I read that but abbodi is saying it contains only the appraiser part and I am unclear if that includes things like diagtrack and autologger-diagtrack-listener. I assume so because files called diagtrack.dll and diagtrackrunner.exe are listed in the file information. So… make sure you update while disconnected from the internet!

          • This reply was modified 3 months, 1 week ago by  T.
          2 users thanked author for this post.
    • #1873356 Reply

      John
      AskWoody Lounger

      The telemetry collection doesn’t bother me, it still should be a opt in or at least a option to send data in the event of a error or crash only. I don’t see much value in just sending these reports in so frequently. Seems to me a full report is only justified if you have a real issues you want to report. Microsoft has expanded its use of Windows update for some time now to include other things other then security updates. This isn’t anything new even to Windows 7 users. Its been a trend for Microsoft to broaden its use of Windows update.

      2 users thanked author for this post.
    • #1873358 Reply

      dph853
      AskWoody Plus

      With the forced updates for Windows 7 machines to Win vCurrent only a few months away, it should come as no surprise that MS is taking off the gloves and getting ready to ensure that when they push the new version to your computer, the upgrade will likely succeed.

      Those planning on sticking with Win 7 for the long term should be very careful what they install as I suspect many update patches between now and then will have a secondary purpose associated with the looming end of Win7 support and MS is going to assume that you will wish to be upgraded when the time comes.

      8 users thanked author for this post.
      • #1873628 Reply

        Charlie
        AskWoody Plus

        “With the forced updates for Windows 7 machines to Win vCurrent only a few months away, it should come as no surprise that MS is taking off the gloves and getting ready to ensure that when they push the new version to your computer, the upgrade will likely succeed.”

        WHAT?  I thought I’d been keeping up with all the monkeybusiness, but now you’re saying MS is gonna push Win 10 on us without our permission? This is hard for me to believe even for MS!  Am I being naive?  Uninformed?  If the quote above is true then I will go to Group W.

        Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

        1 user thanked author for this post.
        • #1874132 Reply

          anonymous

          They have done it before (GWX).  Why would you think they wouldn’t try again?

          2 users thanked author for this post.
          • #1874375 Reply

            Charlie
            AskWoody Plus

            Yeah right, maybe they’re trying to dissuade us from going to Linux?

            Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

            1 user thanked author for this post.
      • #1874724 Reply

        anonymous

        I am a “light” user and have followed Woody’s advice since KB2952664 first appeared. I have done only security updates up till March of 2018. Then I quit ALL updates in expectation of MS slipping in code that would somehow make Win7 slow, frustrating, and a pain-in-the-butt to use. Looks like that’s what has happened. My system operates very fast, smoothly, and no glitching, hiccups or unexpected/unexplained behaviors.  But, I am a very lightweight user. I expect to use this OS until I can no longer install/clone/image/copy it into new hardware, or access the internet with it.  I suppose new hardware coded to NOT accept Win7 is not far away, if not normal. Thank you Woody & associates!

        2 users thanked author for this post.
        • #1874728 Reply

          Canadian Tech
          AskWoody_MVP

          I look after about 130 client Win7 systems. None of them are enterprise. All just like you describe yourself. I stopped all Windows Updates on all of them 26 months ago and their systems run dramatically better than ever. Never a single problem in all this time.

          I recommend you:
          1. Switch to the Chrome browser
          2. Install the free VLC media player
          3. Stop using Internet Explorer
          4. Uninstall Adobe Flash Player
          5. Uninstall Adobe Reader
          6. Uninstall Java
          7. Install a top-rated antivirus product (I do not recommend “security” products)
          8. Do backups regularly
          9. Consider re-installing Windows and create an image copy of the installation
          10. If your hard drive is over 5 years old, consider replacing it (under $100) before you re-install

          When your system no longer functions, buy a new one.

          CT

      • #1975712 Reply

        anonymous

        I have always suspected that Microsoft has been ordered by the Department of Homeland Security to collect data on all MS users , disguising and misdirecting users to make data collection palatable. Not just through updates and core programs of OS’s, but through utilization of any cloud services, like One Drive or any form of cloud backup/online password saving programs, etc.

        XP was released one month after 9/11,and in unmodified state, contains no telemetry. After 5 years of development Vista was released, but with too much security that made use poor hell.

        So on comes version 7 with a potload of telemetry  via updates. And it has only increased with versions 8 and 10. Am I right or wrong?

    • #1873373 Reply

      Microfix
      Da Boss

      Susan, we need your Pinocchio with a loooooong nose.

      ..more like daffy duck!  ‘Despicable’

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      4 users thanked author for this post.
    • #1873379 Reply

      anonymous

      ? says:

      was waiting for the other shoe to drop (or is it a jack-boot heel?) guess i have a few weeks to get over to Micro Center and get some ssd’s for my earlier than advertized Linux migration…

      hey Ginz does heinoganda sanitize win7 KB’s?

      mr. gates you should be ashamed

      3 users thanked author for this post.
    • #1873453 Reply

      honx
      AskWoody Lounger

      so it’s time for me to switch to group w, i assume…

      PC: Windows 7 Ultimate, 64bit, Group B
      Notebook: Windows 8.1, 64bit, Group B

      • #1874119 Reply

        Charlie
        AskWoody Plus

        Assume is all we can do at this point.  KB2952664 was one of the first GWX telemetry things that Woody warned us about way back when the GWX fiasco started.  KB2952664 has come back a few times in WU by itself and I never downloaded or installed it.

        It would be nice to know exactly what it is that KB2952664 does.  This may have been covered some time ago in an AskWoody or Windows Secrets post.  Hopefully we will get some answers (not necessarily from Microsoft) as to whether it’s really time to throw in the towel and stop doing Security Only updates six months early.

        Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

    • #1873455 Reply

      anonymous

      ? says:

      thank you microfix, opinions, everybody has one\some. i know i do although i’m easily swayed by thoughtful logos (https://en.wikipedia.org/wiki/Logos)

      trolling google for reaction “windows 7 spy update” and 2nd hit is (https://medium.com/@AntonioKowatsch/f-ck-you-microsoft-29bda8eae37b) which explains how to apply “Enola Gay” solution to neuter updates in hosts file. Antonio refers to ( https://social.technet.microsoft.com/Forums/ie/en-US/2beb5208-ab0d-4a12-9c35-06dfa4e50f94/windows-auto-update-is-turning-itself-back-on?forum=winserverwsus.)  i cherish what is left of personal freedom and i view the business desision to squash the last bit of choice remaining in win 7 (EOL 1/2020) as an affront. we will see how this plays out since we are in the Defcon 2 holding pattern…

    • #1873458 Reply

      WildBill
      AskWoody Plus

      Thanks for anon’s & @pkcano‘s updates. I’m on Win8.1 Group B to avoid any unwanted “quality” updates, telemetry or otherwise. If M$ can slip this into Security-Only updates for Win7, it’s a matter of time (year or so) before Win8.1 Security-Only updates get the same treatment. Depending on how Win10 1903 & 1909 (“Service Pack”) updates go, I might not be on 8.1 for long…

      Windows 8.1, 64-bit, leaning toward returning to Group A... & toward Windows 10 V1909. As long as it's a Lot Less Buggy!
      Wild Bill Rides Again...

      • #1873473 Reply

        Microfix
        Da Boss

        @wildbill, I’m also on W8.1 x64 but, in  Group A- (minus) patching via WU SQMR and have taken action to curb some telemetry by implementing the steps in AKB2000012 as well as neutralising/ stopping the Diagnostic Tracking Service Diagtrack, (I’ve deleted it and it hasn’t returned after patching with SFC /Scannow results being ok). I have not had an issue with this method for over a year although it seems there is no getting away from some telemetry being submitted.

        To stop the Diagnostic Tracking Service and other tips, see AKB2000010

         

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

    • #1873467 Reply

      galileo
      AskWoody Plus

      Before I start, I am a loooong time Langa List and Windows Secrets member…as in from the beginning…all the way back to the PCMag hardcopy days.  I love you guys and will continue to be a Plus member.  That said, this current post has finally tripped my trigger…

      Enough of the gratuitous MS bashing.  Pause and think just a minute.  Across many of your newsletters, you criticize MS for “telemetry” AND for having numerous bugs in updates and patches.  Yes, MS has reduced in house testing.  Yes, MS has introduced telemetry without, in many cases, adequately informing the users.  Regardless of that, any researcher/developer/scientist/engineer knows that testing REQUIRES that one know WHAT to test against.

      Just look at your forums.  The number of combinations and permutations of hardware and software – and their problems – is virtually innumerable.  How on earth can you expect adequate testing without data and perspective on the hardware/software landscape?  MS cannot reasonably duplicate that landscape and develop meaningful and reliable testing without KNOWING what that landscape is.  Hence, non-invasive and transparent telemetry.  Granted that “transparency” is, effectively if you will, a double entendre (a two-way street) in that the user should not be burdened with performance issues and that MS should adequately inform the users.

      What I am driving at is simple:  Temper the critique.  It has become, or is becoming, hypocritical and is a detractor with respect to how a knowledgeable, respected, and appreciated member of the tech community expresses and projects the news.

      As I said, I love you guys…but sometimes you need to look in the mirror…

      9 users thanked author for this post.
      • #1873477 Reply

        Carl D
        AskWoody Lounger

        Good post, galileo.

        But… the question must be asked (again, because I and a few others have asked this question before, here and on several other forums and I’ve never seen a satisfactory answer):

        Why is Microsoft so determined to collect telemetry from an operating system (Windows 7) that is reaching end of life in 6 months time?

        What possible use do they have for the W7 telemetry especially seeing as there are no new feature updates coming for Windows 7 – and there hasn’t been any for several years now, plus the fact that they’ve also been trying to kill off W7 ever since W10 was released 4 years ago.

        7 users thanked author for this post.
        • #1873939 Reply

          Microfix
          Da Boss

          Why is Microsoft so determined to collect telemetry from an operating system (Windows 7) that is reaching end of life in 6 months time?

          Great question that perhaps is worthy of it’s own thread/discussion/opinions..care to do the honors @carl-d?

          ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      • #1873532 Reply

        zero2dash
        AskWoody Lounger

        Preach!

        Most applications and devices nowadays collect telemetry data for troubleshooting and problem resolution where and when they can. The sooner people admit that to themselves, the better off everyone will be. MS does some boneheaded things, but the pitchforks and torches over telemetry data is a really archaic and off-putting way of thinking IMHO. It’s almost 2020 for crying out loud; the world is connected. If people want to live in the stone ages without the internet, be my guest. If MS wants to collect crash data off my PC’s to help me (or others) from having a repeat of the crash, then please, take the data. It’s anonymized and sanitized on top of it, but that doesn’t keep people from breaking out those pitchforks and torches though.

        • #1873564 Reply

          anonymous

          If it is only just application crash data that is fine, otherwise does anybody else really need to collect personal information. You can still risk revealing other sensitive data bits within a packet of application crash data.

        • #1873667 Reply

          Ascaris
          AskWoody_MVP

          It’s the whole thing about Microsoft not asking if people are willing to participate, but instead attempting to force them, even to the extent of hiding the telemetry update in a security update, which it is not.

          If Microsoft wants me to beta test their software, they can pay for it.  I won’t do it for free so that MS can save money, and certainly I won’t do it for free on software that I have to pay for.

          Group "L" (KDE Neon User Edition 5.17.0).

          9 users thanked author for this post.
      • #1873669 Reply

        ebrke
        AskWoody Lounger

        Of course, you’re entitled to your own feelings about MS behavior. However, I can state that this is the kind of thing that drove me away from windows 15 years ago; I refused to move to winxp. I am only here because I maintain a win7 system for a very elderly parent.

        It boils down to the fact that I don’t trust MS, particularly with the lack of transparency about the telemetry. YMMV.

        1 user thanked author for this post.
      • #1873751 Reply

        anonymous

        sorry, but its not bashing when its ms doing the sneak attack. We’ve been with Woody for quite a while and he has guided us through the shoals.

        5 users thanked author for this post.
      • #1873758 Reply

        lurks about
        AskWoody Lounger

        I fundamentally disagree with the need for telemetry. A good deal of the W7 kit is older computers that will struggle to run W10 well. So installing W10 on any of these boxes is a waste of time and money. Also, most people buy a computer from a retailer or directly from an OEM and do not modify it. So it is stock hardware. Thus, if you know the model you know the hardware specifications.

        The more fundamental issue is the sneakiness with which it was done. MS does not own the equipment but is a guest on the equipment.

        6 users thanked author for this post.
        • #1874287 Reply

          Elrod
          AskWoody Plus

          This is the fundamental issue, I think.  Microsoft acts as though our equipment belongs to them, and is a de facto extension of their test lab.  That is not the case.  They don’t even ask, much less offer to compensate.  They don’t disclose what is being sought.  They just take MY data from MY machine.  That is crossing an unacceptable line.

          I don’t have a problem with seeking crash data in order to make the product better.  I do have a problem with the way it is being done.

          Group "L": Linux Mint

          1 user thanked author for this post.
      • #1873855 Reply

        HiFlyer
        AskWoody Plus

        #1873467

        Click the red x for o.k.

        2 users thanked author for this post.
    • #1873492 Reply

      tonyl
      AskWoody Lounger

      The number of combinations and permutations of hardware and software – and their problems – is virtually innumerable. (snipped)

      I do have to admit, and I’ve realised for a long time, that one of the main complaints about Windows as an OS is that it’s never quite right; it always needs tweaking. Let’s face it, most people have trouble with it.

      So why is it so troublesome? It’s because MS have always intended it to “work straight out of the box” in an intuitive way, ever since Windows 1.0. To do that they try to make it all things to all men, and the result is that it always falls between two stools, as it were.

      I applaud MS for trying, but I don’t think they’ll ever get it 100% right, and it’s not their fault; There’s no such thing as a one-size-fits-all version of Windows. Without any evidence to the contrary, I have to accept they’re using telemetry for the best of reasons, but they should make it clear from the outset instead of secretly.

       

      • #1873859 Reply

        Ascaris
        AskWoody_MVP

        I applaud MS for trying, but I don’t think they’ll ever get it 100% right, and it’s not their fault; There’s no such thing as a one-size-fits-all version of Windows.

        That’s why options are good.  One size does not fit all, but why restrict the product to one size when by its very nature (being a computer program and not a pair of jeans) it can be adapted to many different sizes with a few mouse clicks?

        The trend for some time now has been to remove features and customizability and replace it with what is charitably termed “minimalism.”  There’s not even a means to change the Windows background colors from blinding white to something else anymore, and that’s something my very first Windows version, 3.0, did have, and that Windows in general had until it began to be phased out in Windows Vista.  Aero themes in Vista and 7 had the non-negotiable white background, while the classic and basic themes continued to be customizable.  With Windows 8, the classic and basic themes were removed too.

        This terrible trend can be seen across the software spectrum.  In Windows, certainly, as the example demonstrates.  In Mozilla Firefox, you need only consult any given release’s notes to find some example… in the current release, v.68, they’ve removed the ability to turn off e10s.  Before that, they removed the “unread” tab state, which wrecked the last bit of suitability Firefox had for my workflow after the biggest feature amputation of all, the removal of the classic addons, otherwise known as the Quantum leap backward.

        In the Linux world, GNOME has been lopping features off of its desktop environment at a pace to rival Mozilla.  Their file explorer, Nautilus, has had so many features removed that many people end up using one from another desktop environment.  The GNOME devs have removed so much stuff that the file load dialog in GTK+ and GNOME itself doesn’t even have a text entry box anymore, nor a button that will give you one.  If you don’t want to navigate through the file system one nested folder at a time (good luck to you if you need to open a hidden .directory and you don’t have it set to display them in advance!), you have to know the secret CTRL-L key combination to make the text input box appear, with the devs refusing to provide a visible button to give users a hint that it exists, saying that the feature is more of an “Easter egg” than an actual feature, and that they don’t want to advertise its presence.

        This bizarre, misguided fetish for removing features and making things simplistic (rather than as simple as is feasible) has got to end, and sooner rather than later.  The idea that all software has to be aimed at complete beginners to the computing world, with no option to grow with the user as skill is gained, is just incomprehensibly ridiculous.  If you go into a cockpit of a 787 or an A380, you will not find it all so simple and easy that you would be able to just start flying the plane without having to learn how first.  The makers of those planes have simplified things as much as feasible, but aviation is not a simple thing, and it is impossible to make it so simple that a lay-person can just start using it.  Instead, the cockpits are designed to make things as simple as possible for the intended users, which is trained, competent pilots.

        It’s an extreme example, but a lot of stuff in computing is the same way.  It cannot be made simple enough that any person who has no idea about any of this stuff can be put into the seat and start using the computer competently.  You can dumb it down to the point that the new user is not intimidated by anything he sees, like options he does not understand (Hint: leave them alone if you do not know what they mean), but then it’s only maximally useful as long as the user is a complete beginner.  As soon as some skill is gained, he’s outgrown the simplistic interface– and if it’s like modern software, there’s few, if any, options to change it.

         

        Group "L" (KDE Neon User Edition 5.17.0).

        4 users thanked author for this post.
    • #1873496 Reply

      galileo
      AskWoody Plus

      Good post, galileo.

      But… the question must be asked (again, because I and a few others have asked this question before, here and on several other forums and I’ve never seen a satisfactory answer):

      Why is Microsoft so determined to collect telemetry from an operating system (Windows 7) that is reaching end of life in 6 months time?

      What possible use do they have for the W7 telemetry especially seeing as there are no new feature updates coming for Windows 7 – and there hasn’t been any for several years now, plus the fact that they’ve also been trying to kill off W7 ever since W10 was released 4 years ago.

      A rational question.  Once again, pause and think for a minute.

      Specifically, Windows 7 support is coming to an end – very soon from an IT support perspective.  MANY users will be faced with moving from W7 to W10.  What issues will they face?  What hardware/software combinations will need to be accommodated to make the move to W10 as issue free as possible?  What hardware/software permutations will present problems that will effectively prevent transitioning from a well functioning W7 environment to an equally well functioning W10 environment?  How will MS KNOW the answers to these questions and HOW will they have adequate time to prepare the code that executes the transition?

      Accumulating the data necessary to define the hardware/software landscape that applies to the W7>W10 transition REQUIRES…well, “gathering” said data…

      Rationally, for MS to prepare for the avalanche of the W7>W10 transition, it not only makes sense, but is absolutely critical to start that process before W7 reaches EOL and (to mix metaphors) the tidal wave arrives.  Hence, wouldn’t one would “expect” to see telemetry show up in order to start gathering the data?

      Agreed, once again…the transparency issue pops its head above the waves (or given the metaphors…is it “snow”).  Nonetheless, given the foregoing, it is not rational to view the telemetry in a nefarious context and it is entirely rational that MS “needs” to collect data to prepare and “test” its code against the hardware/software landscape.

      MVP Edit: please allow good time between edits otherwise the post gets caught in the spam.

      • This reply was modified 3 months, 1 week ago by  galileo.
      • This reply was modified 3 months, 1 week ago by  galileo.
      • This reply was modified 3 months, 1 week ago by  Microfix.
      • This reply was modified 3 months, 1 week ago by  Microfix.
      2 users thanked author for this post.
      • #1873533 Reply

        Alex5723
        AskWoody Plus

        Nonetheless, given the foregoing, it is not rational to view the telemetry in a nefarious context

        Yes it is.
        What has a keylogger telemetry, as an example, to do with moving from W7 to W10 ?
        What has this data transmitted to Microsoft to do with moving from W7 to W10 ? Nothing, except the desire of spying after users.

        Typed text on keyboard sent every 30 minutes
        Transmits anything you say into a microphone
        Transcripts of things you say while using Cortana
        Index of all media files on your computer
        When your webcam is first enabled, 35mb of data
        Other Telemetry data…

        • This reply was modified 3 months, 1 week ago by  PKCano.
        • This reply was modified 3 months, 1 week ago by  Alex5723.
        6 users thanked author for this post.
        • #1873633 Reply

          Seff
          AskWoody Plus

          Indeed. Moreover, it’s perfectly possible for Microsoft to announce openly their action and the motivation behind it if they have nothing to hide.

          As we move closer towards January 2020 I hope that most Windows 7 users will ensure that they still have GWX Control Panel installed and running, and not be swayed by those who argue that Microsoft will never go down that particular road again. Better safe than sorry.

          6 users thanked author for this post.
        • #1873755 Reply

          Sessh
          AskWoody Lounger

          People either refuse to acknowledge or conveniently forget Microsoft’s involvement in the PRISM surveillance program of which Microsoft was the first to join. PRISM has nothing to do with “crash data” and everything to do with your personal information being collected and given direct access to by the NSA. Snowden’s revelations completely demolished any possibility of Microsoft having good intentions with their telemetry and data collection. They are sneaking it into updates now.

          It’s amazing to me how no one blinks an eye when they try to sneak this stuff into updates. This is exactly what I said would eventually happen and one reason I joined Group W over two years ago and without a single problem since I should add. It’s underhanded and sneaky which is not indicative of benign intentions.

          Geez, I am WAY past giving MS the benefit of the doubt and they deserve every ounce of flack they get and will get. The cognitive dissonance from some people is crazy.

          10 users thanked author for this post.
          • #1873757 Reply

            Canadian Tech
            AskWoody_MVP

            Seesh, I completely agree. I and almost all of my clients and just about every one I know is recognizing Microsoft’s moves in the most effective way.

            Most of us will never buy another Microsoft product again.

            CT

            6 users thanked author for this post.
    • #1873520 Reply

      OscarCP
      AskWoody Plus

      Galileo’s explanation makes sense. Which makes me wonder: how much telemetry, for the same alleged reasons, do LINUX distros collect and send back to their respective mother ships?

      And how about Apple? Does Apple get less telemetry than MS, given that the number of software/hardware combinations it needs to deal with has to be considerably smaller in its case?

      Does anyone here know the answer to either question? It would be helpful to have at least one external non-Windows reference point to get a better, clearer perspective on this issue.

      Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

      • #1873534 Reply

        zero2dash
        AskWoody Lounger

        Most of them are open source and subject to code review by anyone, so, no, Linux distros generally do not collect any data otherwise you’ll hear about it fairly quickly.

        I remember when Ubuntu started sending search results to Amazon, and people lost their minds. It was quickly reverted and changed to an opt-in feature.

        I’ve seen articles in the past that claim that Apple collects telemetry data, but I haven’t touched a Mac in years so I defer to the online masses for that info.

        5 users thanked author for this post.
    • #1873530 Reply

      Mr.Fox
      AskWoody Lounger

      I will not have it, as I do not allow updates. But, this is great info for those that do allow them. Thank you for always providing such useful information.

      Their dishonesty and surreptitious behavior never ceases to be appalling. Only a hollow shell remains of the once-great company they used to be.

      2 users thanked author for this post.
    • #1873558 Reply

      johnf
      AskWoody Lounger

      Not sure about Apple, but in Linux it depends on the Distro. Ubuntu has done Telemetry, but it is opt-out, and Ubuntu has been transparent on exactly what they collect. Other Distros (Fedora, Debian) to my knowledge, don’t use telemetry (they may have an “opt-in” function). Unlike windows, it’s difficult to sneak in Telemetry in open source, there are multiple eyes watching.

      I suppose a rational question deserves a rational response. I have no issue with telemetry in W10, that was built in from the beginning, and users who install it should understand that. I have a HUGE problem with telemetry in Windows 8.1/7, because that was not built in to them from the beginning.

      I should not have to give up privacy just because Microsoft may have an issue with upgrades. What I should have is the option to turn of all telemetry in W8.1/7, with the caveat that by doing so, Microsoft isn’t responsible for future issues with my device.

      The issues you’ve mentioned with the W7 upgrade, by the way, were more of an issue with vendors not coming out quickly with W7 drivers, for the most part. If XP had telemetry, it would not have changed that at all. And much of W10’s issues are because of the rapid upgrade pace, since we don’t have a long term stable version for regular users…which makes no sense at all. There’s no evidence that telemetry has helped…even if the data is there, the only way to make stable software is extensive testing, which isn’t being done.

      There is another danger to telemetry that isn’t being discussed here. What’s being sent to Microsoft is information that can just as easily be sent to a bad actor (Shadow Brokers, etc.), who can use that information to attack PC’s. If we’ve learned anything from Snowden, it’s that no business or government can keep data safe. There are no “Golden Keys” that cannot be cracked, especially with security being crippled by agents like the NSA, not only on the software side (Encryption, OS’s, etc.) but also on the hardware side (Hard drive Firmware, Bios’s, etc).

      The fact of the matter is that you’re less safe with Telemetry active, and the trade off of an easier migration isn’t worth that.

      Users will have to make decisions, since W7 is coming to an end, and W8.1 is not far off. If security updates have telemetry, it should just hasten the process. Either you accept W10 with it’s telemetry, go to Apple and have some or the same telemetry,  or go to Linux and either opt-out or opt-in.  Your choice!

       

      • This reply was modified 3 months, 1 week ago by  johnf.
      3 users thanked author for this post.
      • #1873603 Reply

        OscarCP
        AskWoody Plus

        I just was looking about for information on Apple’s use of telemetry and came across this 2017 thread in “bleepingcomputer” that might be interesting to read:

        https://www.bleepingcomputer.com/forums/t/650851/requesting-privacy-tips-against-apple-snooping/

        There are a number of privacy settings in a Mac’s “System Preferences/Security and Privacy/Privacy”  but can’t see there anything for directly blocking telemetry being collected by Apple itself, only for blocking some applications frequently accessed by many users from doing so. But, I must confess to not having really looked seriously into this aspect of macOS until now. Perhaps someone has and might care to comment further on this?

        As a personal comment, I would like to add that, at least to me, it would be a lot less objectionable the collection of data by MS from Widows 7 and 8.1 if: (a) MS admitted openly trying to do this and explained why; (b) said “please?” Many developers of commercial and free software do ask that, implicitly, by giving the users the choice of  either opting out, or opting in, depending on the developer. I can’t think of any good reason why MS should not do the same thing.

        Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

        1 user thanked author for this post.
    • #1873576 Reply

      Heavenly
      AskWoody Lounger

      Unannounced, Microsoft has added telemetry functionality to the July 2019 Security-only Update for Windows 7 KB4507456. Alerted on Patch Tuesday by an
      [See the full post at: Microsoft surreptitiously adds telemetry functionality to July 2019 Win7 Security-only patch]

      I am in the UK with Win 7 SP1 on A Group

      I have just received the July updates and KB4507456 does not appear among them

      I have KB4507420 and KB4507449  plus the usual Malicious Software Removal Tool

       

      • #1873577 Reply

        PKCano
        Da Boss

        KB4507456 is the July Security-only Update. It requires a MS Update Catalog download and manual install. It is not released through Windows Update.

        3 users thanked author for this post.
    • #1873654 Reply

      Canadian Tech
      AskWoody_MVP

      Disgusting. Time to join Group W. You will be doing it 6 months early.

      CT

      10 users thanked author for this post.
      • #1873684 Reply

        Sueska
        AskWoody Plus

        Hi CT, Read 6 months ago you reported all was great with no updating (group W). Are you and your clients still happy and is all still going well? Thanks

        • #1873687 Reply

          Canadian Tech

          Not a single problem.  130 Win7 systems wake up every morning and have fine days.  Its been like this for 26 months now.  I used to get at least a half dozen client calls a day.  I am all set up with equipment to do that.  Its been weeks since the last client call.   I have immunized these systems against the MS virus.  They all have System images that I have labeled “Final State”.  I expect they will still be running just fine 5 years from now.  Long live Windows 7, the last good  Windows there will ever be.

          10 users thanked author for this post.
          • #1874036 Reply

            anonymous

            I guess that it’s time for some monthly system image backups for all the PCs/Laptops before any July 2019/later “Security Only Updates” are installed just in case this nefarious activity continues on up until the last Windows 7 patches in Jan 2020.

            I’d hate to have Windows 10 foisted on my PC or Laptop and the hardware found not compatible after the fact and any rollbacks non properly working. So it’s going to be wise to do more system image backups on Windows 7 systems going forward just in case of any GWX sorts of things happen once again.

            2 users thanked author for this post.
    • #1873677 Reply

      Carl D
      AskWoody Lounger

      Disgusting. Time to join Group W. You will be doing it 6 months early.

      What’s the bet that we’ll be seeing another ‘must be patched immediately’ big security issue for Windows 7 probably within the next month or two and the patch will, of course, include the telemetry?

      This stuff gets so predictable (and boring, actually) after a while.

      2 users thanked author for this post.
    • #1873713 Reply

      joep517
      AskWoody MVP

      Please note that if you agreed to join the “Customer Experience Improvement Program” with any Microsoft product in the past you agreed to Microsoft collecting and transmitting telemetry data.

      --Joe

      1 user thanked author for this post.
    • #1873740 Reply

      PerthMike
      AskWoody Plus

      I will not have it, as I do not allow updates. But, this is great info for those that do allow them. Thank you for always providing such useful information.

      Their dishonesty and surreptitious behavior never ceases to be appalling. Only a hollow shell remains of the once-great company they used to be.

      The thing that worries is that this month’s update is mandatory if you want to receive future Windows Update(s) due to the SHA2 changes.

      So, if you EVER want to install Windows Updates from their site from next month on, you WILL need to patch Windows with this month’s Security Only update.

      What a coincidence that Microsoft decides to slide the telemetry update into that one in this month’s update.

      No matter where you go, there you are.

      • #1873741 Reply

        PKCano
        Da Boss

        The SHA-2 patch and the Servicing Stack Update are NOT included in the July Security-only Update for Win7 KB4507456.
        SHA-2 update is KB4474419 and the Servicing Stack is KB4490628. They are separate patches. And both are issued through Windows Update. They will be a requirement for ANY August or later patch (of any kind).

         

        6 users thanked author for this post.
        • #1873880 Reply

          HiFlyer
          AskWoody Plus

          They will be a requirement for ANY August or later patch (of any kind).

          For Win8.1 too?

          • #1873907 Reply

            PKCano
            Da Boss

            For Win7 only so far. I think Win8.1 will come later.

            1 user thanked author for this post.
          • #1873912 Reply

            DrBonzo
            AskWoody Plus

            There is a new Servicing Stack Update this month for Win 8.1, KB4504418. MS strongly recommends installing it before installing either the Rollup or Security Only patches.

            1 user thanked author for this post.
            • #1873920 Reply

              Microfix
              Da Boss

              There is a new Servicing Stack Update this month for Win 8.1, KB4504418. MS strongly recommends installing it before installing either the Rollup or Security Only patches.

              Perhaps you could enlighten us as to why the servicing stack update (SSU) only appears AFTER SMQR patches for July are installed via Windows Update then?

              ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

              1 user thanked author for this post.
            • #1874030 Reply

              DrBonzo
              AskWoody Plus

              I don’t know the answer to your question! I’m simply reporting information I’ve found on the MS support pages. If you go to the support page for either the Rollup or Security Only patches you will find a statement that the latest SSU should be installed before either patch, and they identify the latest SSU as KB4504418. If you then go to the support page for the SSU, you will find a statement that the SSU needs to be installed exclusively.

              2 users thanked author for this post.
            • #1874034 Reply

              Microfix
              Da Boss

              ok, found it and yes, you are spot on with regards to what MSFT have published which is for catalog and WSUS updates. Thanks

              Microsoft strongly recommends you always install the latest servicing stack update (SSU) for your operating system before installing the latest monthly security update. Installing servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft security fixes.

              Extracted from microsoft link within the post.(my bolding)

              ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

              1 user thanked author for this post.
            • #1874653 Reply

              HiFlyer
              AskWoody Plus

              #1873912

              What about the SHA-2 for  Win 8.l?

            • #1874656 Reply

              PKCano
              Da Boss

              There is no SHA-2 patch for Win8.1 at this point. It will probably come later.

              1 user thanked author for this post.
            • #1874675 Reply

              abbodi86
              AskWoody_MVP

              It already have it without updates

              or maybe it was added with Update KB2919355

              2 users thanked author for this post.
            • #1874904 Reply

              HiFlyer
              AskWoody Plus

              abbodi86

              Just checked. Installed updates says it’s (KB2919355) on my Win8.1×64

              laptop since 10 Mar 2014.

              Thanks @abbodi86

               

      • #1873743 Reply

        anonymous

        The required updates for SHA2 are 4474419 and 4490628, not this one. So there’s that at least.

        — Cavalary

        1 user thanked author for this post.
    • #1873783 Reply

      anonymous

      See my post on

      https://www.reddit.com/r/sysadmin/comments/c184ic/upgrade_readiness_deployment_script/

      I wonder who actually uses the upgrade readiness stuff.

    • #1873793 Reply

      James Bond 007
      AskWoody Lounger

      So Microsoft adds KB2952664 functionality to the July security-only updates (and presumably later updates as well)? How I hate it!

      I went with Group B precisely to avoid these kinds of things. I don’t trust Microsoft with their “telemetry collection” and I have said before if something like this is included with the security-only updates then it will be the time to stop patching.

      So now it is the time to stop patching my Windows 7 systems. I will just patch up with the June 2019 updates and leave it at that. Like Canadian Tech said, it will be 6 months earlier than the original January 2020 timeframe. So what? I will not allow these kind of things to install on my systems running Windows 7, if possible.

      I don’t have to worry about future updates possibly breaking my still working Windows 7 systems now.

      Hope for the best. Prepare for the worst.

      7 users thanked author for this post.
      • #1874200 Reply

        BobT
        AskWoody Lounger

        Your post is pretty much what I was about to write.

        Rejected KB2952664 multiple times, of course it kept showing back up, now they’re slipping it in by the backdoor in a Security ONLY update. WAT?

        Ok then, no patches for me. Thankyou and goodbye Microsoft.

        My PC is my PERSONAL COMPUTER, not theirs.

      • #1874937 Reply

        Charlie
        AskWoody Plus

        When MS started the “all in one, roll-up” updates (group A), I stopped getting them and started with the Security Only updates. I had always avoided the MS driver updates and other things I didn’t need.  I didn’t and still don’t like having to download a 200 to 300 Megabyte update when only maybe 33 MB will apply to my system that month (which has been the usual size of the S.O. updates).

        Also, I happen to have a slow DSL connection and don’t want to spend the time downloading the entire list of updates every month when only a few may apply to me. The telemetry thing is just another part that didn’t bother me much years ago, but now has me really concerned. I don’t like not knowing what MS is possibly fouling up my computer with.

        Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

        1 user thanked author for this post.
    • #1873844 Reply

      Rick Corbett
      AskWoody_MVP

      At least MS still has 2 of its strategic imperatives running at full-tilt – its Prism-like intrusiveness (this topic) and EEE (i.e. Microsoft admitted to private Linux developer security list).

      There’s life (?) in the old dawg yet… 🙂

      (It’s life, Jim, but not as we know it…)

      2 users thanked author for this post.
    • #1873862 Reply

      MikeFromMarkham
      AskWoody Lounger

      Even #1 MicroShill Ed Bott can’t get a straight answer (or any answer) from Microsoft as to the inclusion of KB2952664 functionality to the July security-only update:

      https://www.zdnet.com/article/microsoft-stirs-suspicions-by-adding-telemetry-files-to-security-only-update/

      And while he offers his own theory about this inclusion (“I suspect that some part of the Appraiser component on Windows 7 SP1 has a security issue of its own. If that’s the case, then the updates indisputably belong in a Security-only update”), he also notes “there are still issues like this one where the company’s stubborn silence is baffling. It just serves as evidence for critics that the company has an ulterior motive. Would it really be that difficult to publicly state that the additional files were included because of an unspecified security issue?”

      Unless, of course, it’s not true Mr. Bott. But then, why should we trust anything Microsoft says at this point anyway?

      4 users thanked author for this post.
      • #1874083 Reply

        abbodi86
        AskWoody_MVP

        If it has a security vulnerability (undocumented), they should release updated version of KB2952664 with the fixes
        at least then might understand that

        4 users thanked author for this post.
        • #1874103 Reply

          PKCano
          Da Boss

          Too late now.
          It’s already on all the “Automatic Update” machines out there and many of the early SO patchers as well.
          Their mission is accomplished.

          1 user thanked author for this post.
    • #1873883 Reply

      anonymous

      After reading about this on Ask Woody today and after having installed the Windows 7 group B patches for July from AKB2000003 I found (using CCleaner) the following two startup tasks added:

      ================================================================
      Startup Tasks Removed (using CCleaner)
      ================================================================
      Program: Microsoft Compatibility Appraiser
      Publisher: Microsoft Corporation
      File: %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
      Location: \Microsoft\Windows\Application Experience
      —————————————————————-
      Program: ProgramDataUpdater
      Publisher: Microsoft Corporation
      File: %windir%\system32\compattelrunner.exe -maintenance
      Location: \Microsoft\Windows\Application Experience
      ================================================================

      I preferred removing them over just disabling them.

      I don’t know if the security update added any windows telemetry services, though. There is one service that is a program compatibility service, but I think it is for setting applications (using their property sheets) to run as if they are on earlier windows versions. Does anybody know more about windows telemetry services that might have been added by the update?

      3 users thanked author for this post.
    • #1873916 Reply

      Microfix
      Da Boss

      Yesterday, I patched KB4507448 SQMR on a W8.1 x64 device, no issues.
      Later I found that the Task Scheduler-Application Experience section
      preferences had been changed, so I reverted back to my settings.
      Today, I updated another Win8.1 x64 device with the same patch and
      found the same had happened!
      NOTE: both these devices have the same GP/Task Scheduler/Diagtrack settings.
      This has not happened before as I check settings once patched every month.

      BEFORE PATCH:
      TaskSchedBeforeAE

      AFTER PATCH:
      TaskSchedAfterAE

      Fortunately, I had previously removed the Diagtrack Service completely that
      ties into the telemetry reporting of the Microsoft Compatibility Appraiser.
      So, just a word of warning to others out there who use the same OS.
      (unsure whether this affects SO patches or 32bit versions)

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      Attachments:
      5 users thanked author for this post.
      • #1874031 Reply

        anonymous

        I want to thank PKCano for making this post and for the askwoody loungers and MVPs for expressing their concerns on a situation that is blatant behind ones back involving turning on settings that some of us have specifically turned off.

        Canadian Tech, James Bond 007, Sessh, Microfix and a few others are genuinely concerned about having telemetry added to an update patch. It was known to had been done in the normal patches Group A people received, but Group B security only were not having this. Microsoft know this. Even so Microsoft decides to add telemetry to the Security Only even though it is known those people DO NOT want to participate, and is even changing people’s settings and adding scheduled tasks for telemetry without any notification, permission or opt out.

        There is a reason why I am here reading askwody.com and have been for years. We love Woody. Woody is the one that leads the way in revealing what is going on and sometimes that news is not what we wanted to hear as in this issue. The askwoody people are like woody in asking, WHY? Woody is our Curmudgeon and this is why we are here in the first place.

        Thank you Woody for having the ASKWOODY.COM web site and for watching our backs.

        Moderator edit for content. Please follow the –Lounge Rules

        5 users thanked author for this post.
    • #1873988 Reply

      WildBill
      AskWoody Plus

      Thanks to @woody for covering this in a Computerworld article. This will catch up Windows 7 users who aren’t on AskWoody. 1 question though… why Wouldn’t they be on AskWoody?! Even without being a Plus member, they get breaking news & inside info First. & the newsletter for Plus members is worth whatever they’re willing to pay per year.

      Windows 8.1, 64-bit, leaning toward returning to Group A... & toward Windows 10 V1909. As long as it's a Lot Less Buggy!
      Wild Bill Rides Again...

      1 user thanked author for this post.
    • #1874000 Reply

      anonymous

      ? says:

      looking for some help to cut these out:

      file #347 assemblyIdentity name=”Microsoft-Windows-Compat-Appraiser-Logger

      file #406 assemblyIdentity name=”Microsoft-Windows-Application-Experience-Upgrade-Compat-Telemetry

      file #408 assemblyIdentity name=”Microsoft-Windows-Application-Experience-Upgrade-Compat-Telemetry

      from KB4507456

      thanx

      • #1874002 Reply

        PKCano
        Da Boss

        Look at @abbodi86 ‘s AKB2000012 for starters.

        1 user thanked author for this post.
        • #1874037 Reply

          anonymous

          ? says:

          thank you PK,

          excellent steps for after-the-fact however;

          i’m looking to remove the parts from the package before installing. i’m hoping someone here knows how to do it. i don’t want to take the time to learn just now since this win7 is a dying art. i know the package can be unlocked and customized to suit one’s needs

          • #1874043 Reply

            anonymous

            ? says:

            you know, something along these lines:

            Uninstalling ‘uninstallable’ Windows Updates

            w\o the learning curve, since i don’t want to make a career of it

            as always you are the best!

          • #1874084 Reply

            abbodi86
            AskWoody_MVP

            You cannot do that, it’s all or none

            1 user thanked author for this post.
            • #1874085 Reply

              anonymous

              ? says:

              thank you abbodi86! i was using MSFN to keep my XP running and there is a person over there who is quite skilled in opening KB’s and tayloring the contents to achieve the desired results before deploying them. i was hoping for the same with this KB…

            • #1874126 Reply

              abbodi86
              AskWoody_MVP

              I’m aware of the technique (that’s how i created the standalone WU client fix packages KB3161647)

              but it’s not easy if you want to exclude certain packages (because you will have to install all other manually)

              however, you can use install_wim_tweak or CBSEnum to remove the telemetry-components package after installing the update normally
              it should be the last numbered package, e.g. for x86:
              package_295_for_kb4507456~31bf3856ad364e35~x86~~6.1.1.8

            • #1874156 Reply

              anonymous

              ? says:

              thank you again abbodi86 that info was what i was after. since the damage this patch does to maintaining a little machine control and the repair is post mortem then my glimmer is gone. the “CREATOR” boys have worked their magic and it is time for me to clean up and go

            • #1874108 Reply

              OscarCP
              AskWoody Plus

              abbodi86: Would your advice to turn off or delete all the MS “Experience” services that run at start-up work to prevent unwanted telemetry in the case of Group A people that install security rollouts? Even if they cannot remove the cause of the problem, they may be able to prevent the spyware from doing anything undesirable. I am Group B and run Windows 7 in my PC, so I’ll be affected as well, unless I take preventive action, such as what you have suggested — when I decide to install the SO July patch. But I can wait for as long as necessary, to decide whether a new, revised and friendlier SO July update is likely to come out, or not, to take what I think would be the most appropriate action. And I’ll probably have to keep doing as just outlined, if MS keeps bundling their unwanted spyware with their updates in July, August, September… January.

              Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

            • #1874110 Reply

              PKCano
              Da Boss

              @abbodi86 has posted the instructions (with pictures) for controlling the telemetry in AKB2000012. Create a task to run at startup to continue to eliminate the offenders.

              1 user thanked author for this post.
            • #1874125 Reply

              OscarCP
              AskWoody Plus

              Thanks, PK. Scanning trough that thread you gave the link to, it seems intended for use by Group A and S&Q rollups. Is it also OK for Group B and the SO, or does it need some tweaks to be used that way?

              This question is also for abbodi86 of course.

              Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

            • #1874128 Reply

              PKCano
              Da Boss

              It is for the telemetry components. Does not matter which pstch put them there – the CU or the SO.

              3 users thanked author for this post.
    • #1874093 Reply

      bbearren
      AskWoody MVP

      I know there are members here who administer business networks, some with some finicky but necessary business software, and their burden is much different than mine.  I just have a home network, and I tinker with Windows a lot.

      Microsoft alone owns Windows, all versions/iterations.  The rest of us have a license to use the software on our hardware.  None of us own Windows in any version/iteration.  Read the EULA.  That is the licensing agreement to which you agreed when you first booted your PC/Laptop/Server/DIY hardware.  In the EULA, Microsoft has reserved the right to make changes at any time for any reason.

      There is an out, spelled out clearly by Microsoft, if you don’t like the changes.  Uninstall their software.  As for telemetry, I use O&O ShutUp10 to stop some, not all, of the telemetry.  I want MS to know how Windows 10 Pro interacts with my system/software setup, so that the next update/upgrade will just work.

      I don’t turn off automatic updates, I don’t read lists of “good/bad” updates.  If an update pooches one of my machines, I have drive images less than a week old to get right back to where I was before the update.  But I still don’t stop automatic updates; I’ve got an insurance policy in my drive images.  My OS partition is 100GB, and I can completely restore it in ~6 minutes.

      On Tuesdays I click “Check for updates”.  I used a MCT thumb drive to upgrade everything but my NAS to 1903 a while back, and I waited for MS to push it to my NAS.  This past Tuesday, they did, and I clicked “Download and install”.  About half an hour later, it was running 1903 without a peep.  It’s also running RAID 10 with four 3TB HDDs.  It’s all good.

      Microsoft is going to pursue their business model.  The only available option for any of us is to uninstall MS software and migrate to something else.  I’m OK with Windows 10 1903.  I’m OK with automatic updates.

      FWIW, no Windows update has ever pooched any of my machines.  On the other hand, I’ve pooched them myself countless times.  That’s why I rely on automatic drive imaging primarily, to protect me from myself.

      But for someone to say that Microsoft “doesn’t have the right to …”; yes, they do.  They’ve already told you about it, and you’ve already agreed to it.

      Create a fresh drive image before making system changes, in case you need to start over!
      "The problem is not the problem. The problem is your attitude about the problem. Savvy?"—Jack Sparrow
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      1 user thanked author for this post.
      • #1874130 Reply

        anonymous

        All I can say is you must lead a blessed life in not having any problems generated by a Microsoft update. Of all the times Woody has said not to be a seeker, or not to get an update because there have been problems reported, it seems amazing that you never had one update fail you. While it is also nice that you have backups like Geekdoms Group G{ot backup}, it does relieve the pressure of worry.

        It is thanks to people like you that immediately go with the Microsoft updates that flow every month that the early warning canary starts to sing. Others like myself have definitely had issues with Microsoft updates failing to install, causing a black screen, causing an issue with other remote drives or some other glitch and the cure is to uninstall the patch and it is back to normal. Of all the people, including Woody, that has mentioned a patch harmed something on their computer and removal remedied it, how can this not be seen? Even if your computer is very accommodating to the updates, we all know everybody’s computer differs in some way. If everybody were not having issues, why are so many technically inclined people here at Woody’s state they are having an issue? I know woody is not writing false articles on issues a Microsoft patch has caused, because they have happened to me and others I serve. There are too many people criticizing Microsoft for harming their computer right after an update for me to say, “Microsoft is has the right to …”.

        There was even a lady in California that won a lawsuit against Microsoft about 2 years ago for them “upgrading” her machine to Windows 10. She claimed to had lost time and money with her businesses and the courts found in her favor or it was settled out of court for $10,000. If Microsoft CAN DO IT, then why did they loose that case?

        2 users thanked author for this post.
    • #1874118 Reply

      anonymous

      Wow. It seems people are late to the party. This was already leaked by MS employee two months ago on the flip internet site. All security updates going forward will have telemetry and spyware in it.

      • #1874123 Reply

        Microfix
        Da Boss

        interesting..and your evidence to back up your post is where? links, quotes from articles? anything?

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

        5 users thanked author for this post.
        • #1874230 Reply

          anonymous

          interesting..and your evidence to back up your post is where? links, quotes from articles? anything?

          Check dark net site. But mostly it will not be posted. Any time I post links and info to there it gets blocked and not posted. Even just mentioned it get blocked here.

          Moderator note: The last line of this post is blatantly untrue. If a post follows the RULES  it gets posted. If a link is considered unsafe (we vet every link) it will not be allowed, or it will get deleted. This holds true for any post, by anyone.

           

          1 user thanked author for this post.
          • #1874242 Reply

            OscarCP
            AskWoody Plus

            My endorsement above is to the Moderator’s Note.

            I believe that, in addition to the fact that news coming from the Dark Internet hardly deserve to be considered as, at best, nothing more than well-intentioned gossip (that some times might be correct and some times, totally off the wall), a link to a place there can be also, potentially, a link to a Web site infested by malware and converted into a slaved source of malware itself — besides who knows what other really nasty things that might be lurking there.

            Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

            1 user thanked author for this post.
            • #1875160 Reply

              anonymous

              I believe that, in addition to the fact that news coming from the Dark Internet hardly deserve to be considered as, at best, nothing more than well-intentioned gossip (that some times might be correct and some times, totally off the wall),

              From my experience, it is not gossip. It is truth that is release from people that are close to the facts. Many people on there are MS, Google, Amazon, etc employees who leak info to protect the public and stay anonymous and not lose their jobs.

      • #1874226 Reply

        anonymous

        Yes it was, but many people on this site do not go there. Plus, if people post anything that goes telling the truth from there it does not get posted here. I could get an account and see if my post get posted, but that is too much privacy to give up.

    • #1874204 Reply

      bbearren
      AskWoody MVP

      I’m not saying that people are not having issues with patches, they are.  I’m saying that I don’t, because I don’t.  By that same token, I’m not the canary in the mine, because I have nothing to report about bad patches.

      I’ve been keeping current drive images since the late ’90’s, so now I’m pretty much fearless about updates, etc.  We had a house fire in January, 2011 and I lost two mid-tower PC’s.  But my drive images were safe, so I only lost the hardware.  My oldest image is no more than a week old.  My data is multiply duplicated as well as backed up in the cloud.

      I also don’t run an OEM type Windows installation, mine is quite customized and tweaked.  I’m currently running three SSD’s and three HDD’s with stuff spread out over twenty partitions/logical drives, not counting the EFI partition.  My installation is fairly bulletproof to start with.

      All of that notwithstanding, the title of this topic is “Microsoft surreptitiously adds telemetry functionality to July 2019 Win7 Security-only patch.”  What I am saying is that Microsoft has said from the git-go that they are going to do things their way, and if we don’t like that, we can uninstall their software and quit using it.  We have been warned.

      Microsoft decided not to appeal the $10,000 judgement in California because it would have cost them more than that to take it to appeal.  And what is $10,000 to a company whose profit is measured in billions?  As I said before, they have a business model, and they are going to follow it.

      Create a fresh drive image before making system changes, in case you need to start over!
      "The problem is not the problem. The problem is your attitude about the problem. Savvy?"—Jack Sparrow
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      • This reply was modified 3 months, 1 week ago by  bbearren.
    • #1874220 Reply

      anonymous

      Is interesting to analyze some side effects besides the privacy issue with telemetry (of course, that is alarming by default, but I want to add some things that a lot of people don’t think about).

      What about the Internet usage while your PC is idle or not using Internet? (Is that even possible nowadays? I remember the XP golden age when you could see your hdd light and Internet status WITHOUT ACTIVITY when the computer was at rest… Those days are gone.).

      What about side costs of the freemium Win10 paradigm? They use your PC power, energy, Internet connection, telemetry data… Is like you are paying monthly without paying.

      So… That’s important too when we talk about Telemetry. We are losing the possibility to be in “idle” when you are not using intensively your PC or your Internet connection.

      When is system level, no firewall can stop this from happening.

      I like to see my Internet modem with lights OFF when I’m not using Internet. Those days with telemetry everywhere are coming to an end…

      So, from Vista you have your HDD light working constantly, and from Windows 10 you have always connecting to Internet even if you are not using your connection by yourself…

    • #1874286 Reply

      anonymous

      Microsoft is not paying me for my data, my bandwidth, my time or my CPU /Memory resources that they are using on my PC to “improve” their product.  They should not be allowed to use my equipment for their purposes.  Telemetry and some Windows 10 features are just a Microsoft bot-net plain and simple.  They even use your PC to update other PCs local or internet…
      https://www.windowscentral.com/how-prevent-uploading-updates-other-computers-windows-10

      This is like having an open house, except that everybody raids the fridge and reads your mail and you get no benefit at all other than, bi-monthly headaches in the form of patches/updates that just cause more problems or even delete your data.

      It is time to switch to anything else… It will be painful but worth it.

    • #1874314 Reply

      johnf
      AskWoody Lounger

      Interesting Article in ZDNet today concerning Germany and Microsoft Telemetry:

      Microsoft Office 365: Banned in German schools over privacy fears

      While it’s not directly related to updates, the issue is Microsoft’s increased reliance on telemetry, and fears by other countries about sending data that could potentially be viewed by US Government agencies, or possibly leaked out due to a data breach and used as an attack vector by bad agents.

    • #1874379 Reply

      Steve S
      AskWoody Lounger

      There is one major problem with telemetry that either most are ignoring or simply not thinking about. Think about what telemetry is. It is an open door to data on your computer, A door that by its existence means your so called “secure” computer is not really secure. After all if m$ can go through the door, that others can as well. That data is likely not just going to m$, but possibly malware writer as well.

      If you want security at home, you do not leave an open door. No, you control the ins and outs. That alone means Windows 7 without telemetry is greatly more secure that build in hole for  telemetry that 10 has. It is one thing to say ms, my computer crashed. Here the data about it. It is another for ms to enter your computer have a look around, maybe take the Vincent Van Gogh and leave behind the three year old scribbling. Again any opening no matter how small is still a hole in your security. Better no holes if you want to be secure.

      Finally a famous Quote: Those who desire to give up freedom in order to gain security will not have either one.
      Benjamin Franklin

      Do we really want to give to ms the power to get anything, anywhere on our computers? Remember they write the code and can make more back doors and thus even more security holes. And malware comes in through those bugs and back doors.

      6 users thanked author for this post.
    • #1874423 Reply

      BobT
      AskWoody Lounger

      Presuming this will also be in the future patches too, this means those of us following Group B will now move into Group W. What’s the point of manual Security Only patches if you get the **** you don’t want from the auto-updated ones too?

      If so then for many of us, this now means patching for W7 has ended six months early. I won’t be installing any further patches from the June ones. I’d rather just be more vigilant with my machine and control what gets on it, and what it’s used for.

      And with this sort of behaviour, they expect me to want to “upgrade” and continue using their products? No thanks.

      1 user thanked author for this post.
    • #1874638 Reply

      walker
      AskWoody Lounger

      @pkcano:  I only now found this information and I have a question…..   Is this KB 4507456 for Group B only, or is it applicable to both Groups A & B?  I am Win 7, x64, Group A, no sophisticated programs.  Trying to avoid anything which may throw a “new problem” into the computer.    Your help with this one would be wonderful since I’m not certain where I go from here.  I understand that we are at Defcon 2, so nothing will be installed until we have the “all clear”, and hopefully any and all ideas which will help us all to avoid any “new” problems.  Thank you, as always, for your most kind assistance.

      • #1874639 Reply

        PKCano
        Da Boss

        KB 4507456 is the Security-only Update for Group B only.

        • #1874677 Reply

          walker
          AskWoody Lounger

          @pkcano:  I neglected to log in, I was so happy when I read your message I forgot. So this may be a duplicate message of the one I sent earlier.

          I can’t begin to say “thank you” enough for this wonderful information.   It REALLY “made my day”.  I am very grateful for your most helpful assistance, as always.    You are “THE BEST”!!!

    • #1874652 Reply

      RockJohny
      AskWoody Lounger

      I only installed the June updates but this KB4507456  is now installed and i don’t see an option to uninstall it. So what to do?

      I’m tempted to join the Me-Telemetry’d Too movement

      • #1874655 Reply

        PKCano
        Da Boss

        The only way the July Security-only Update KB4507456 can get installed on your computer is if you download it and manually install it yourself. It is not delivered through Windows Update.

        If it is installed you can uninstall it by going to Windows Update and clicking on “View installed updates” in the lower left corner. Highlight the update and click “Uninstall.”

        2 users thanked author for this post.
    • #1874923 Reply

      deckie49
      AskWoody Plus

      Thanks, PKCano!

      I try very hard to keep up with all the MS Update shenanagans and this forum really helps.

      But one thing keeps popping up in my head. If MS really wants to put telemetry or any other malicious junk into our computers, could it not do so as part of any released update? And could it not be so hidden in the code that it would be completely undetectable to anyone other than the MS coders?

      1 user thanked author for this post.
      • #1874936 Reply

        PKCano
        Da Boss

        If MS really wants to put telemetry or any other malicious junk into our computers, could it not do so as part of any released update?

        Absolutely. Microsoft can put whatever it wants in the updates. But there are those who can/will detect it (even if MS doesn’t come clean) and report it.

        2 users thanked author for this post.
        • #1875327 Reply

          anonymous

          When it comes time for the DEFCON level to be raised and that patch deemed ready to install I hope that Askwoody will place a big red asterisk next to that “Security Only” Windows 7 Update if it still has that telemetry baked in.

          I’m unsure if I’ll be applying that update in its current state on my windows 7 PCs/Laptops and it’s MS’s fault for not following its stated Security Only policies because most folks using the Update Catalog and installing Security Only updates are very likely not going to update to Windows 10 and MS should know better than to think otherwise. That goes doubly so for any further Security Only Updates for Windows 7 if they also have the same telemetry included.

          Maybe there should be Telemetry Alert system in place going forward in addition to the DEFCON system at Askwoody and that’s for any and all updates going forward for Windows 7, and 8.1 as well. Folks need to keep an Eye out for MS’s Moleware going forward and that extra non Security Only nefariousness from the folks in Redmond.

    • #1875302 Reply

      deanwmn
      AskWoody Plus

      ? says:

      was waiting for the other shoe to drop (or is it a jack-boot heel?) guess i have a few weeks to get over to Micro Center and get some ssd’s for my earlier than advertized Linux migration…

      hey Ginz does heinoganda sanitize win7 KB’s?

      mr. gates you should be ashamed

      Amazon came out with a keyboard for their Fire HD10 tablet – great reviews, I ordered one yesterday. Love the Silk browser! Fast, good sound and video, 64 GB, same size as other small tablets for a lot less money! And it appears to have great built-in protection! I downloaded Malwarebytes antivirus and they told me it would run fine – but wasn’t necessary! I ran it for a month or so, it never found anything, then uninstalled it.   The only thing lacking was the keyboard. Go ahead, Microcrud, do your worst – I’m now prepared.

      • #1875436 Reply

        anonymous

        ? says:

        excellent tip deanwmn! i took microsoft’s monopolistic forced winx borgish assimilation attempt and turned it into a learning experience since change is inevitable and often times makes life more enjoyable. since the forced march to winx started i now have 7 usb sticks with various flavors of linux on the bedside table ready to clone to disk that do everything that windows did and more at a whopping cost of the sticks and a few ssd’s! thank you, linus. a few years ago microsoft coulda shoulda done all this when they were really the only viable game in town. not anymore. too bad for them they don’t even seem to understand that you get what you give. i realize the responsibility of properly administering a monopoly since i worked an a buisness with no competition. then came the challengers cheaper, better and faster. i am glad that treating people as i want to be treated meant i had loyal customers who stayed on with me in spite of the (new) choices available the evolving market brought. i love windows and would be continuing with them except for how they have treated their (home user) customers and the direction they are now travelling. i’m guessing their current business strategy dictates all the questionable practices they are now employing, but hey i don’t occupy a seat in their boardroom so my thoughts are mostly conjecture. i will miss windows so i think i will enshrine these last win7 hdd’s next all the rest of the decomissioned windows (from 3.11 to vista) currently collecting dust in the closet. i can always pull them out and spin them up if i get too nostalgic.

    • #1875469 Reply

      ek
      AskWoody Lounger

      I have 3 Win 7 systems.  The unexpected (and unannounced) inclusion of telemetry was really the last straw for me.  A huge disappointment.

      All three of my Win 7 systems are dual boot, Win & Xubuntu (or Linux Mint).  I set them up this way when the systems were new.  I only use Windows for a handful of graphics applications I need to use occasionally.  Ultimately, I use Linux on my systems 99% of the time.

      I’ve had automatic Windows updates disabled for a few years now.  But due to the recent telemetry surprise I decided to take more proactive steps… because I just can’t risk MS doing something crazy to my Win 7 systems during these final ~8 months before Win 7 goes EOL.

      So, as others here have declared: I’m not going to install anymore updates.  I’m just going to take many/all of the steps mentioned on this site to keep my Win 7 systems safe for another few years.  The systems are pretty old and I will replace them in the next year or two.  I may run Win 10 on some/all of them – but only if I see MS majorly improving how it’s handling Win 10 releases and updates.  If not, it would be a pity because I’m been an MS customer since the Z80 days (yep, I’m old) – but I won’t look back if I completely walk away from MS products.

      I use a Raspberry Pi based Pihole DNS filter in my home net (actually two, for redundancy) [don’t fret Woody, I whitelist your site].  So one of the steps I’ve taken is to add some pihole filter rules to effectively block MS telemetry and updates.  With the rules in place, I reviewed the pihole logs to see the results.  Most of what I saw was expected.  A few things were not.  I’ll discuss a couple:

      I noted MS’s teredo ipv4-to-ipv6 tunnel was enabled on two of my systems.  My home net is ipv4 only – and my router blocks ipv6 – so, teredo is of zero use to me.  Besides, I believe teredo is pretty much abandoned by MS for Win 7 & 8 now.  So I disabled it:

      netsh interface teredo set state disabled

      The other item was the MS Network Awareness (NCSI).  You can read about it here:
      https://blog.superuser.com/2011/05/16/windows-7-network-awareness/

      Anyway, NCSI may have been a great idea years ago, but today it just seems like another potential point of failure or abuse – so I disabled it via the registry setting mentioned in the above article.

      For the other steps I took, I took advantage of my Linux/Win dual boot capability.  I booted linux, mounted the Windows partition, cd’d to the windows system32 dir and:

      mv CompatTel CompatTel_DISABLED

      mv CompatTelRunner.exe CompatTelRunner_DISABLED.exe

      Then I unmounted the partition.  This method bypasses all the permissions incantations to do this from within Windows.

      I do have the scheduled tasks disabled for the above… but I want to make sure the stuff never runs again – ever.

      I can’t believe it’s come to the point where I actually have to treat MS update and telemetry services as potential malware.  So disappointing.

      1 user thanked author for this post.
    • #1885484 Reply

      anonymous

      https://www.ghacks.net/2019/07/11/did-microsoft-just-drop-the-telemetry-bomb-on-windows-7-users-without-telling-anyone/

      ghacks says

      “This is not the first time that Microsoft slipped Compatibility Appraiser into a security-only update. The company did so in September 2018 for Windows 7 but informed users and administrators about it in advance.”

      I think they got that wrong but not sure.

      • #1885487 Reply

        PKCano
        Da Boss

        The functionality was added to the Rollup Preview in Sept. 2018, and to the Monthly Rollup in Oct. 2018. But July 2019 is the first time they added KB2952664 functionality (Compatibility Appraiser) to the Security-only Update.

        5 users thanked author for this post.
    • #1896968 Reply

      Slowpoke47
      AskWoody Plus

      Well… telemetry has made Google one of the two most valuable companies on our fair planet and Facebook is right there as well.  Microsoft has a little way to go to reach the top of the heap, seems like they are trying.

      Anyone else read Shoshana Zuboff’s “The Age of Surveillance Capitalism?”  If she’s right, there is likely no stopping this train.

      Meanwhile, back at the station, I’m with those who will skip the July Security-only update rather than enable MS telemetry.  I’m headed to Linux anyway.

      Slowpoke (group B)

      • #1897036 Reply

        anonymous

        Hi Slowpoke, I do not disagree with your conclusions. I am embarrassed to say the I am still “headed to Linux”, for more years than I care to admit. I still have not committed to one distribution or flavor, and so have data drives that I access from whatever I’m trying this time. This may be my new normal going forward.

        I do however want to separate the discussion of “data harvesting for profit” away from “telemetry”. Telemetry should only mean “accurate measurements from a distance”. Meaning the vital statistics of the system to diagnose, repair, prevent and improve performance of the system alone. Telemetry does not need to include user’s data in order to report the data was handled properly. It might require some data to be included when reporting a failure to perform properly. But it should not cover using that data for profit, for the entertainment of contracted employees, or any other use beyond diagnostic.

        Data harvesting is big business, an unethical business model in my opinion. It should not be allowed to hide under the ethical label of “telemetry”.

        1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Microsoft surreptitiously adds telemetry functionality to July 2019 Win7 Security-only patch

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel