Evidence obtained by German hardware site tecChannel suggests a list of software installed on an XP machine is sent to Microsoft when users run Windows Update. When patches are downloaded, a few kilobytes of data are sent in the opposite direction over a secure SSL channel. Because the data is encrypted a simple packet sniffer can’t be used to see what this data contains. However tecChannel’s tecDUMP utility takes advantage of an undocumented WinInet API, enabling an examination of the data before it becomes encrypted. According to tecChannel, the information sent to Microsoft includes details of all the software installed in a machine, not only Microsoft applications. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.