Mystery patch KB 3035583 for Windows 7 and 8 revealed
Late last month a mysterious patch suddenly appeared as an Optional entry in the Windows Automatic Update chute. At the time I wrote:
Conjecture at this point: It’s somehow related to the ability to upgrade directly from Windows 7 or 8 to Windows 10. But of course, the official documentation doesn’t say anything of the sort.
The crows have come home to roost and, thanks to a German researcher named Gerard Himmelein at heise.de, we now have a more thorough understanding of exactly what Microsoft’s dishing out (a Google English translation of the post is available). Yesterday Jan Willem Aldershoff at Myce posted an analysis in English, with a Dutch-language screenshot, and this morning Vlad Dudau at Neowin gave us an English-language shot.
Microsoft provides an explanation — of sorts — in the KB article:
This update enables additional capabilities for Windows Update notifications when new updates are available to the user. It applies to a computer that is running Windows 8.1 or Windows 7 Service Pack 1 (SP1).
That’s the entirety of the official explanation.
Analysis shows, though, that KB 3035583 is a shill for Windows 10. As poster rugk on the eset Security Forum says, it’s “an adware/PUA/PUS/PUP for Windows 10 upgrade.”
Aldershoff goes into detail:
Once the update is downloaded it adds a folder to System32 called “GWX” which contains 9 files and a folder called “Download”. One of the four .EXE files reveals what the update really is, the description of GWXUXWorker.EXE states, “Download Windows 10″. This explains the X in the name, the X is the Romanian [sic] number 10.
The folder also contains “config.xml” which contains some URLs that at the moment of writing didn’t work. The config file mentions “OnlineAdURL” that points to https://go.microsoft.com/fwlink/?LinkID=526874 and Telemetry BaseURL pointing to http://g.bing.com/GWX/.
Dudau adds:
In the same system folder, users can find a config XML file that goes through the program’s behavior depending on what “phase” Windows 10 is in. For example, currently the program doesn’t display any notifications or act in any way because we’re currently in the “None” phase. But as we get to the “RTM” phase of Windows 10, users will likely see a new Live Tile show up on their Start Screen, pointing to the upcoming OS. Similarly, taskbar notifications will also be displayed when Windows 10 launches, prompting users to update.
Is the patch an unwanted intrusion or just a convenient way to let Windows 7, 8, and 8.1 users upgrade to the (free) Windows 10?
I guess that depends on your point of view. But it sure would’ve been nice if Microsoft had simply told us the truth, instead of sneaking another controversial come-on into its patch list.
Source: InfoWorld
So…..what should we do? Allow it to download or what? I have Windows 7 and I’m definitely interested in upgrading to Windows 10 when it’s available but is this okay to download?
The article says it is one of the OPTIONAL items from Win Updates. That makes me suspicious. I never download those because I never seem to be able to tell what they actually are without spending hours visiting the MS website to figure out. Apparently MS has made this one even more cryptic.
Also, the article says “……. that KB 3035583 is a shill for Windows 10. As poster rugk on the eset Security Forum says, it’s “an adware/PUA/PUS/PUP for Windows 10 upgrade.”
Bottom line: I’m not going to download it, and I’m not going to worry about it because….it is an optional download. I plan to upgrade to Win 10, too. But not right away, and not until after “the bugs” are identified and fixed.
Mine came through as Important, not Optional, and fortunately I say when and WHAT gets installed onto my computer! NOT Microsoft or anyone else!! I know someone that just recently was having issues with his computer….and it was because of Updates….he didn’t know which….I’m willing to bet it was THIS one!! Changes were made he said. I hid the update until, when, or if I decide to install it! Me, no one else!
If you haven’t before this, then now would be a good time to go to Windows Updates and Change Settings…..you want: Check for updates but let me choose whether to download and install them.
If you don’t do this you’re going to end up with Windows 10, whether you want it or not, among a whole lot of other things, before it’s been out in the public and we get to see what’s going on with it! You could potentially end up with problems! IMHO
Sue, better to be safe than sorry….you can always install it down the road. In the meantime “hide” it and don’t allow updates to install themselves….it’s your machine, take control. YOU tell it what to do, not the other way around. Check your settings for how the updates get installed….you’ll want: “Check for updates but let me choose whether to download and install them.”
Good luck, pb
Sue, better to be safe than sorry….you can always install it down the road. In the meantime “hide” it and don’t allow updates to install themselves….it’s your machine, take control. YOU tell it what to do, not the other way around. Check your settings for how the updates get installed….you’ll want: “Check for updates but let me choose whether to download and install them.”
Good luck, pb
Well peoples–What me worry??? NO, this does not apply to the best operating system Microsoft has ever had, Windows XP which again I will say I will not be stampeded out of! I am a crank and proud of it.
Microsoft Windows Updates, and in recent times no guarantees that updates will not cause problems, as experienced on more than one occasion.
I had a modicum of computer knowledge up to Windows 95, through which I gained more into Win 98, Win 98SE, Win XP, Win 7, Win 8 and 8.1, (and reverted to Windows 7 again.)
My computer knowledge has vastly increased with the continued information from TC & EB since Cloudeight was ‘born’.
There was trust in the computer world in the ‘early years’, now we have to build a ‘fortress with a moat’ around our computers, but the bombardment of ‘nasties’ does not stop, which brings me to the point that TC & EB (Darcy & TC) have continued to tell computer users to, “READ EVERYTHING BEFORE CLICKING”, so with that in mind, I do not allow automatic updates, I read every update when released and want to know where it is going and what it will do.
I am sure that TC & EB will keep us informed relating to KB 3035583.
So I have KB3035583 installed. It was not listed as “optional” …. it was listed as an update for 8.1 which is the Windows version that I have and of course, I am gullible and think that any update for 8.1 is supposed to “enhance” or “protect” my OS. What do I do? Is the computer going to blow up in my face or is this a precursor to the up and coming free download for Windows 10 and if we don’t have it Windows 10 won’t install? I am not sure I understand. What is a “shill”? Am I the only one who doesn’t know the definition to this new word in my “computer dictionary”? Should I uninstall it or is the install uninstalable? Thanks TC and EB for keeping us informed of this “intrusion update” or is it okay to leave it and see what happens? OMG I just don’t know anymore!!!!
I want to know what the big deal is about not downloading the KB3035583 update, especially as some say they are going to download Win 10 at some point. I just try to keep malware and bad junk off my computer. Win 10 is going to be free, so why get your underware in knots over a update; since, Microsoft is giving to you for $000.00. Give me a cotton picking break. If you turn you mobile phone on you can be tracked any place your at. That’s just the way things are today. Do I like it, heck no, but there is nothing we can do about it, unless you want to give your up your computer and your cell phones as well. I’m a long way from wanting to do that.
It really has nothing to do with tracking, spying or being malicious. It has to do with being annoying – it’s been called a NAG BOMB. In other words, it constantly reminds you that Windows 10 is coming, that you can get it free, etc. And, of course, when Windows 10 is released, you’ll be nagged to upgrade. Nothing wrong with it if you don’t mind being nagged. If you don’t mind being nagged, then it shouldn’t be a problem at all for you. Personally, if my grocery store were going to give away $100 worth of free groceries three months from now, I would be grateful for the free groceries, but I sure wouldn’t want someone knocking on my door every couple of days reminding me that 3 months from now, two months from now, one month from now, 3 weeks from now, two weeks from now, one week from now, 5 days from now, 2 days from now – that Miller’s Grocery was giving away $100 worth of groceries – I am sure I’d remember that I could get $100 worth of free groceries without being nagged. And I am grateful that Microsoft is making amends for Windows 8x – and giving away Windows 10 to wash the bad taste out of most people’s mouths. But I sure don’t need to be nagged to get it. I will get it when it comes out and I’m sure they’ll be no secret on the day it is released that it is available. So, I really don’t need to be nagged; if they are giving it away free, that’s great, but that doesn’t give them the right to install a billboard on my computer to remind me how magnanimous they are or to countdown the days until I can get Windows 10.
To sum it up – it’s not a privacy issue at all; it is an annoyance issue.
Thank you both for this summary you posted! For us Senior Citizens, all this new updating, etc., can be so very
confusing and makes it hard to decide what to do? So after reading what you wrote, I am so relieved! I know
you read it all the time, but the two of you are GREAT!!