Microsoft Discreetly Drops ‘Telemetry’ As Part Of Larger ‘Security Cumulative Update’ Without First Informing Windows 7 Users?

Microsoft appears to have once again attempted to sneak in telemetry components. The company released security updates for all supported operating systems on the July 2019 Patch Day. However, this month’s cumulative updates, which were supposed to contain only security-related components, contain an unexpected compatibility/telemetry component.

The suspicious components were hidden in plain sight. Incidentally, this is the second time Microsoft has attempted to insert telemetry components. However, during the first attempt the Windows OS maker had openly mentioned the inclusion of the telemetry components, whereas this time, the company didn’t offer any indication. This methodology appears to be an attempt to garner more accurate data about usage and installation patterns of the Windows operating system as Microsoft will soon phase out Windows 7.

Windows Update delivered several packages of security and reliability fixes for Windows 7 earlier this week. The packages are different for each of the Windows operating system’s versions that Microsoft officially supports. However, the ‘cumulative update’ package contained a rather suspicious component. The security update in question was intended for Microsoft Windows 7 Operating System (OS) which was released as part of the July 2019 Patch Day.

Several Windows 7 OS users who carefully monitor the updates that Microsoft delivers spotted suspicious individual components inserted within the cumulative update package. At present, Windows 7 administrators get to choose between a security-only update and a monthly rollup update. The security-only updates are supposed to contain only security-related patches. The monthly rollup update can also include, among many security updates, several non-security changes such as bug fixes, quality fixes, diagnostic tools, feature additions or service improvements. While Microsoft occasionally adds new features to Windows 7, a few components appear to be tailored to gather telemetry data.

Microsoft Sneaks In Telemetry Components In KB4507456 Cumulative Update:

As expected, Microsoft delivered the Monthly Rollup of Security-Only Cumulative Updates for the month of July 2019. It is officially titled, ‘July 9, 2019—KB4507456 (Security-only update).’ However, apart from security-only updates, this package contains KB2952664, which is officially called, ‘Compatibility Appraiser.’ Microsoft chooses to tag the KB2952664 as a tool that is designed to identify issues that could prevent a Windows 7 PC from updating to Windows 10.

Interestingly, several reports indicate installing the security-only update replaces the rather questionable KB2952664. This is the notorious Compatibility update that is supposed to keep Windows up-to-date and also make sure that upgrades to Windows 10 work as expected. “With the July 2019-07 Security Only Quality Update KB4507456, Microsoft has slipped this functionality into a security-only patch without any warning, thus adding the ‘Compatibility Appraiser’ and its scheduled tasks (telemetry) to the update. The package details for KB4507456 say it replaces KB2952664 (among other updates),” reports Woody Leonhard.

In other words, KB4507456 seems to have included more than just security patches for the various components of the Windows 7 operating system. As expected, the inclusion has caused skepticism among Windows 7 users that Microsoft might have dropped the update in preparation for pulling Windows 7’s support and the expected push of Windows 10 on these systems. The opposition to installing the Compatibility Appraiser is quite high. In fact, this particular update is actively avoided. There is a widespread concern that components like these are nothing but tools and methods that Microsoft uses to force another round of updates or to spy on individual PCs.

The Compatibility Appraiser update inserted in the cumulative monthly rollup update is concerning because the word telemetry appears in at least one file. Windows OS users claim that to install such an update essentially grants Microsoft the ability to innocuously collect user data, which could be likened to spyware.

Is Microsoft Updating A Flawed Compatibility Appraiser Tool?

Microsoft has essentially slipped the rather questionable functionality, without any warning, into the July 2019-07 Security-Only Quality Update KB4507456, a security-only patch. However, Microsoft has categorically noted that KB4507456 replaces KB2952664 (among other updates). The carefully worded description of the KB4507456 update may imply that some part of the Appraiser component on Windows 7 SP1 has a security issue of its own. If that’s accurate, then Microsoft is justified in inserting an update that addresses the Compatibility Appraiser within a Security-only update. In simple words, Microsoft is merely updating a pre-existing tool.

This appears to be an interesting workaround to ensure the Compatibility Appraiser tool gets installed on PCs running Windows 7. Microsoft may have resorted to these tactics owing to the way the company had organized the delivery of updates. About three years ago, Microsoft split its monthly update packages for Windows 7 and Windows 8.1 into two separate delivery methodologies: Monthly Rollup of Update Fixes and Security-only Update package. As indicated by the name, the monthly rollup of updates is a large package that contains several smaller components. However, the users who want only those patches that are absolutely essential can install the security-only update package. Incidentally, these security packages are delivered individually.

However, the latest delivery of KB4507456 packaged within the cumulative update achieves one thing successfully. It gets the Compatibility Appraiser installed even on PCs that never had it. The update was previously avoidable because several Windows 7 OS users carefully sifted through the list of security updates and regularly deselected the update that contained the telemetry tool. Still, Microsoft did offer the Appraiser tool via Windows Update, both separately and as part of a monthly rollup update two years ago. This means many Windows 7 PCs do have the tool installed anyway.

Incidentally, Microsoft hasn’t categorically confirmed that the Compatibility Appraiser tool contains GWX or upgrade functionality. Hence the update appears mostly harmless. Still, Windows 7 OS users faced the problem of upgrades to Windows 10 that they did not initiate in the early days of the latest operating system from Microsoft. Hence their suspicion is at least justified, even if it may not have the necessary evidence-backed credibility.

Despite the seemingly harmless nature of the KB4507456 cumulative update package, Windows 7 is rapidly approaching its end-of-support date. Microsoft has repeatedly confirmed that it would pull official support of Windows 7 on January 14, 2020, for the majority of personal and non-commercial users of Windows 7 OS. Under these circumstances, users must seriously consider upgrading to Windows 10 OS as early as possible.


Alap Naik Desai

A B.Tech Plastics (UDCT) and a Windows enthusiast. Optimizing the OS, exploring software, and searching for and deploying solutions to strange and weird issues are Alap's main interests.