Another Microsoft SPYWARE Attack !! Backup Utility tried to send TWO updates to Windows update

From: Jonmith (Zerowolfe_at_aol.com)
Date: 07/10/03 

Date: Thu, 10 Jul 2003 21:58:32 GMT

Is Windows just Spyware or what? Since I've installed my firewall, I've
noticed that many programs are sending usage information to Windows Update.
Today I ran the backup utility and it fired off two communications to
Windows Update, see information below. I suppose this has been happening
all along, but I've only noticed it since blocking outgoing TCP with McAfee
firewall (good program by the way). Anyone know if this is standard
practice by Microsoft? Do they routinely collect usage information via this
kind of embedded spyware?

McAfee Firewall alerted on an attempt by the program "Microsoft Volume
Shadow Copy Service" located in C:\WINDOWS\SYSTEM32\VSSVC.EXE, to
communicate in a way that was disallowed by the program's filtering rules.
The data
direction was outbound. The IP protocol type was TCP/IP. The remote port
was 443 [HTTPS]. The domain name was v4.windowsupdate.microsoft.com. The IP
address was 207.46.134.126. The user's response to the alert was to deny the
communication this time.

AND

McAfee Firewall alerted on an attempt by the program "Ms DTC console program
v03.01.00.4414" located in C:\WINDOWS\SYSTEM32\MSDTC.EXE, to
communicate in a way that was disallowed by the program's filtering rules.
The data
direction was outbound. The IP protocol type was TCP/IP. The remote port
was 443 [HTTPS]. The domain name was v4.windowsupdate.microsoft.com. The IP
address was 207.46.134.126. The user's response to the alert was to deny the
communication this time.

Anyone know about this? Is it happening to any of you?

Relevant Pages

  • Re: Another Microsoft SPYWARE Attack !! Backup Utility tried to send TWO updates to Windows update
    ... > Is Windows just Spyware or what? ... Since I've installed my firewall, ... > they routinely collect usage information via this kind of embedded ... > communicate in a way that was disallowed by the program's filtering ...
    (microsoft.public.windowsxp.security_admin)
  • Re: I am having connectivity problems
    ... firewall and turned ON Windows firewall. ... When I tried to install SP2 I was unable to get it thru Windows Update. ... does the connection problem persist? ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: I am having connectivity problems
    ... Are you telling me that the ZA firewall AND the Windows Firewall was enabled when you installed SP3 via Windows Update? ... This Service "protects" Windows and disallows certain changes to be made (e.g., the changes install SP3 will make), so it should have been disabled prior to installing SP3. ... does the connection problem persist? ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Buy a PC at Best Buy today and plug it in - how long till I get a virus?
    ... Using cablemodem, router, dedicated PC NAT firewall, Win98SE. ... regarding ZA Pro while running windows update, ... In another case of 98SE on same computer, there is no software protection ...
    (microsoft.public.security.virus)
  • Re: mcafee firewall exception in CPD.exe
    ... I scanned all drives with Stinger and with Mcafee, both on Safe Mode, ... firewall for them to do ... closing the browser or disconnecting from the net. ... >> All windows update applied to OS and browser ...
    (comp.security.firewalls)