Re: Microsoft's WGA spyware again!
- From: "VanguardLH" <VanguardLH@xxxxxxxxxxxx>
- Date: Sun, 16 Dec 2007 03:16:35 -0600
"Jeff" <jeff@xxxxxxxx> wrote in message news:e2v%23QW1PIHA.5980@xxxxxxxxxxxxxxxxxxxxxxx
VanguardLH wrote:"Jeff" <jeff@xxxxxxxx> wrote in message
news:u6WpPOmPIHA.4136@xxxxxxxxxxxxxxxxxxxxxxx
In 2006 when Microsoft seems to have introduced its "Windows Genuine
Advantage" there was an outcry by the public because it was
discovered that this WGA was in fact spyware that called home to
Microsoft on a regular basis. The outcry was such that Microsoft
provided a way to uninstall it.
My PCs have been running XP for years and I have downloaded critical
updates on a regular basis without WGA. But, in the last set of
critical updates I could not download them without first having to
download and install WGA. My Windows XPs are all legit and I have no
problem with Microsoft checking that they are legit at the time of
the critical update download, but I do have a problem with my PCs
connecting to Microsoft at other times because there is no reason
for that and it introduces additional risks.
Does anyone know anything about this new WGA installation? There
seem to have been n o messages about it on the newslist after the
2006 ones and my questions on the general XP newslist go unanswered.
Can the new WGA be uninstalled using the old uninstall tools? Does
it call home like the old one did?
You are talking about the AX control used when visiting their web
page, not the event that runs when you start Windows. Everytime you
visit the WU site, it checks if you have the latest version of this AX
control. It runs when you use their WU site. If you don't want it to
run, don't do updates.
No, I am not. I update regularly and know what the regular check AX
control is. This last update was different. It specifically said it
needed to upgrade some Windows "components" before proceeding further.
When I said OK, the popup window said "Installing Windows Genuine
Advantage". This is something new. Happened on 2 of my PCs. First 2
times I stopped it and cancelled the WGA installation, but it would not
then go on to the critical updates and there was no way to bypass it on other tries.
Yep, you're talking about the AX control that the WU web page requires. It is executed only when you visit that web page. A new version of that AX control had to be installed before it could interrogate your host to determine what updates to present to you. This is not updating the wgatray.exe program.
If you want to check this, go install an HIPS product, like Online Armor, System Safety Monitor, AntiHook, ProcessGuard (a dead product), or AppDefend (an abandoned product for over a year now). Leave them in learning mode. Reboot the host so they can learn what is loading on Windows startup. Then go into their program monitoring and disable wgatray.exe from running when you boot windows. Now go to the WU web site and download that new AX control for WGA. Reboot the host. You'll see that AX control is *not* used during Windows startup. Your HIPS will only prompt you to let it run when you visit the WU page.
So it did install WGA without which I could not get the critical
updates. I have since gone to IE6's Tools/Manage Add-ons and when I
select to see "Add-ons that have been used by Internet Explorer",
Windows Genuine Advantage is indeed listed among them and listed as
enabled.
And again you are talking about the AX control that is only ran when you visit the WU web site (and when using Internet Explorer).
.
- References:
- Microsoft's WGA spyware again!
- From: Jeff
- Re: Microsoft's WGA spyware again!
- From: VanguardLH
- Re: Microsoft's WGA spyware again!
- From: Jeff
- Microsoft's WGA spyware again!
- Prev by Date: RE: Defect in Security Update KB942615 for Internet Explorer 6
- Next by Date: Re: Need Help Major computer problems
- Previous by thread: Re: Microsoft's WGA spyware again!
- Next by thread: Re: Microsoft's WGA spyware again!
- Index(es):
Relevant Pages
|
