Windows 7 updates July 2019

July 16th, 2019 by Stephen Jones Leave a reply »

Last week there were Windows Updateof security and reliability fixes for Windows 7 as part of the normal Patch Tuesday delivery cycle for every version of Windows. icrosoft split its monthly update packages for Windows 7 and Windows 8.1 into two distinct offerings: a monthly rollup of updates and fixes and, for those who are want only those patches that are absolutely essential, a Security-only update package. Under Microsoft’s rules, what it calls “Security-only updates” are supposed to include,only security updates, not quality fixes or diagnostic tools. However, this month’s Security-only update, the “July 9, 2019—KB4507456 (Security-only update),” bundled in the Compatibility Appraiser, KB2952664, which is designed to identify issues that could prevent a Windows 7 PC from updating to Windows 10.

The concern is that these components are being used to prepare either for another round of forced updates or to spy on individual PCs. The word telemetry appears in at least one file, and for some it seems to be a short step from innocuous data collection to spyware. Microsoft appeared to be surreptitiously adding telemetry functionality to most of its solutions. Microsoft has slipped this functionality into a security-only patch without any warning, thus adding the “Compatibility Appraiser” and its scheduled tasks (telemetry) to the update. The package details for KB4507456 say it replaces KB2952664 (among other updates). So this is not a security-only update.

The Appraiser tool was offered via Windows Update, both separately and as part of a monthly rollup update two years ago; as a result, most of the declining population of Windows 7 PCs already has it installed. Given the headaches users faced over unwanted upgrades back in Windows 10′s first year why is Microsoft reluctant to talk about security issues except in formal settings like release notes and support bulletins.

This has already been an exhausting week thanks to a pair of Windows 10 zero-day exploits being used in the wild, by Kremlin-backed hackers.

Advertisement

Comments are closed.