Latest Windows 7/8/8.1 Updates Spy on you like Windows 10

9

Windows 10 has been installed by more than 50 million users worldwide, yet, it remains a little known fact that Windows 10 operating system captures and reports user data back to Microsoft servers.

Due to this, many loyal Windows users are unhappy with Windows 10 spying capabilities, and have chosen to instead stick with Windows 7 or Windows 8/8.1. However, the latest updates Microsoft has been pushing to Windows 7, 8 and 8.1 users could change everything for the privacy conscious.

Microsoft’s latest updates named, KB3075249 and KB3080149, are responsible for reporting user data back to Microsoft servers.

KB3075249 adds telemetry points to consent.exe running in Windows 7 and the 8.1 operating system versions. Microsoft’s support page describes the two updates as:

  • KB3075249 – “This update adds telemetry points to the User Account Control (UAC) feature to collect information on elevations that come from low integrity levels.”
  • KB3080149 – “This package updates the Diagnostics and Telemetry tracking service to existing devices. This service provides benefits from the latest version of Windows to systems that have not yet upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights.”

Simply put, if these updates are installed on any Windows machines, they will snoop on you and report data back to Microsoft servers just as Windows 10 does by default. Once the updates are installed, the machine is no more private than a Windows 10 machine as it reports swaths of personal data right back to the company.

Windows 7/8/8.1 Snooping Updates Don’t Stop There

There is little to no news regarding the updates, however, tech forums are enraged about the company’s spying habits. Users throughout various forums have reported users should avoid the following updates from Microsoft:

pia red
  • KB3035583– According to Microsoft, this update enables “additional capabilities for Windows Update notifications when new updates are available”.
  • KB2952664 – Labeled a compatibility upgrade for upgrading Windows 7, its purpose is to “make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows”.
  • KB2976978 – A compatibility update for Windows 8.1 and Windows 8 which “performs diagnostics on the Windows system [..] to determine whether compatibility issues may be encountered when the latest Windows operating system is installed.
  • KB3021917 – Does the same as KB2976978 but on Windows 7.
  • KB3044374 – This update for Windows 8.1 enables systems to upgrade from the current operating system to a later version of Windows.
  • KB2990214 – Does the same as KB3044374 but on Windows 7.
  • KB30223

If you enjoy your privacy and have stuck to an earlier Windows version to avoid Microsoft’s data collection abuse, we highly recommend you avoid the updates mentioned above. But how do you know if any of the following updates were installed on your machine? Easy!

pia red

How to Uninstall the Privacy Violating Updates

To check if any of the following updates are installed on your system, you can:

  1. Click the Windows Start Menu on the bottom left, type in CMD and hit enter
  2. Type powershell and hit enter
  3. Run the following command to check whether or not an update is installed: get-hotfix -id KB3035583
  4. If you wish to speed things up you can run multiple checks in a single command like this: get-hotfix -id KB3035583,KB2952664,KB2976978,KB3021917,KB3044374,KB2990214,KB3022345

If no update is found, the command prompt may bring up some red text with an error, don’t worry though, it’s simply stating no update with that label exists. However, if an update is found, it should display some information such as description, ID and the date it was installed.

If you wish to remove any of the updates you can follow the steps below to remove these privacy violating updates in Windows 7/8/8.1 (we cannot be help responsible if anything happens to your system during any of these processes):

  1. Once again click the Windows Start Menu, type CMD and hit enter. If you are still in powershell from the previous commands, type exit to leave.
  2. Execute the following command to uninstall any desired patches and change the end numbers to uninstall different updates: wusa /uninstall /kb:2952664

A full list of updates that can spy on you was listed on SevenForums, with users claiming the following should not be installed:
KB2876229 (if you want Skype then install it), KB2923545, KB2970228, KB3035583, KB2990214, KB3021917, KB3068708 , KB2592687, KB2660075, KB2506928, KB2952664 x2, KB3050265, KB2726535, KB2994023, KB3022345 (replaced by KB3068708 Telemetry), KB3022345 (caused false sfc result), KB2545698 (IE9), KB3065987, KB3080149 and KB3075249, however this list has not yet been independently verified.

To ensure your system stays safe from these spying updates, be sure to check the status code before installing any updates. If you notice any of the above, simply right click the update, and select hide this update. Be careful though, they may reappear after a reboot.

[Photo via Robert Scoble/Flickr (CC BY 2.0)]

About Author

Gadget guy, freelance writer and coder at heart . Passionate in infosec and cybersecurity!

9 Comments

  1. Thank-you for the info!
    Just wanted to show what I picked up from this webpage:

    Blocked 2 potential HTML canvas fingerprinting attempts on this page
    Prevented a script on https://freedomhacker.net from capturing the point (16, 16) on the following 300px × 150px canvas:
    Prevented a script on https://freedomhacker.net from capturing the following 300px × 150px canvas:
    300px × 150px

  2. The CMD operation doesn’t work on my Windows 7.1 Home Premium system. Computer responds with:

    get-hotfix is not recognized as in internal or external command, operable program or batch file

    • Hello Zeke,

      Have you ensured that the updates you are trying to uninstall are active on the system? Try our command and ensure they are installed. If you are trying to uninstall an update that is not there, an error code will read.

      Please let us know!

    • Just open Control Panel, Programs and Features, and then in the left side bar, click on View Installed Updates. A complete list of your updates will appear. Select the desired update and Uninstall will appear in the top blue bar, just to the right of “Organize”. Click on Uninstall, and a dialog box will appear asking you if you want to uninstall this update. Click on yes and the deletion begins. At the end of the delete you will be notified that a restart is required to complete the uninstall. If you are only uninstalling one update, then click on yes. If you are uninstalling several, you may select “Later” and then do the reset for all at the end of the last installation.

      You can only deal with one update at a time with this procedure, but it is easy and effective.

      • Hey Skytrooper thanks for the info! What system are you using? We found the same thing on a Windows 7 machine but have been hearing mixed reports from W8 and W10 users. Regardless thank you for the info!!

  3. I realise this is a bit of an old article now, but the following updates are not spyware, rather, they are genuine fixes to various components and updates, for example, to the RDP protocol, and a fix for html extension files, along with updates to the time-zone list and adding Sudan to list of countries: –

    KB2592687 – rdp protocol update
    KB2506928 – fix for outlook with .html files
    KB2545698 – blurry font fix for IE9
    KB2660075 – fix for time-zone
    KB2726535 – adds south sudan to countries list
    KB2923545 – rdp version 8.1 update

Leave A Reply

Send this to friend