Home > Cyber News > KB4507456 Security-Only Update Bundled with Telemetry
CYBER NEWS

KB4507456 Security-Only Update Bundled with Telemetry

It’s been some time since we last talked about Windows-related telemetry. However, this is now changing with the latest Patch Tuesday for July 2019, which includes a bonus for Windows 7 users. According to “hawk-eyed” users, a “security-only” Windows 7 update contains hidden telemetry. The patch in question is KB4507456.




What is KB4507456 all about?

According to the official Microsoft advisory, KB4507456 is a security update that includes quality improvements, such as:

Security updates to Windows Server, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Shell, Windows Input and Composition, and Windows Kernel.

What some people noticed is that this security-only updates is in fact bundled with a Compatibility Appraiser, KB2952664. Surprisingly or not, KB2952664’s purpose is to identify issues that could prevent Windows 7 computers from updating to Windows 10.

It is very interesting to note that KB2952664 has been around for quite some time, and it’s a Windows 7 compatibility update which has been re-released multiples times in 2014 and 2015. The update has caused lots of crashes for users over time.

Related: [wplinkpreview url=”https://sensorstechforum.com/uninstall-windows-updates-kb3068708-kb3022345-and-fix-errors/”] Uninstall Windows Updates KB3068708, KB3022345 and Fix Errors

So does the Compatibility Appraiser tool do? CompatTelRunner.exe is the Microsoft Compatibility Appraiser which scans Windows 7/8/8.1 application files residing on the computer to assess their compatibility with Windows 10 if an upgrade is performed, explains Microfocus.

The concern about the compatibility appraiser being bundled with a regular security update (KB4507456) is that these components are being employed to prepare Windows 7 systems to update to Windows 10. What is worse is that this is done in a concealed way, and perhaps user should be on the lookout for a round of forced updates. And some unwanted telemetry. In fact, it appears that the word “telemetry” shows up in at least one file, meaning that data collection is on the way.

Long story short, we’re once again witnessing Microsoft slipping this compatibility and telemetry components into a security-only patch, without warning users in any way.

Ed Bott from ZDNet, however, says that there’s also the suspicion that some part of the Appraiser component on Windows 7 SP1 had a security issue. In this case, the updates definitely belong in a security-only update, he said.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree