
In April 2015, Microsoft released a non-security update for Windows 7 and 8. It added a new Windows service called the Diagnostics Tracking service, which changes the way in which the OS gathers, collects, and sends your diagnostics information from your computer to Microsoft’s servers.
In Microsoft’s words: “The Diagnostic and Telemetry service collects diagnostics information about functional issues on Windows systems that participate in the Windows Customer Experience Improvement Program (CEIP). CEIP reports don’t contain contact information, such as your name, address, or telephone number.”
CEIP is a program initiated by Microsoft to pull diagnostic information from users’ PCs, with the purpose of helping Microsoft understand which applications and parts of the OS aren’t working, so that it can design improvements and fixes.
Since then, two new updates upgraded this service, KB 3068708 and KB 3080149. The first update was presented as a critical one, so it was automatically installed for anyone using the default Windows Update settings.
On top of these updates, KB 3075249 changed the way in which the User Account Control (UAC) works, enabling it to collect more information from the elevated prompts presented to the user.
All the listed updates make changes to the operating system that result in it transmitting data to hard-coded servers, vortex-win.data.microsoft.com and settings-win.data.microsoft.com.
Although the title of this article focuses on desktop operating systems, these updates are also installed on Windows Server 2008/R2 and Windows Server 2012/R2.
Also note that traffic to these servers is encrypted by SSL (HTTPS traffic), which makes it a bit more secure, but also very difficult to determine what exactly is being sent from your computer.
Although outgoing traffic to these servers can be blocked by the built-in Windows Firewall, using the Hosts file to redirect traffic to a bogus IP address, such as 127.0.0.1, is not allowed: the HOSTS file is actually bypassed when attempting to resolve these names. They are hard-coded into system files and cannot be turned off easily.
For those of you not wishing to send telemetry data to Microsoft, my best advice would be simply not to install these updates in the first place. For those of you who have already installed them, and for those who are not able to control which updates are installed on their computers because of internal update management systems, my advice is to remove those updates using the Control Panel or by running the following commands from an elevated command prompt:
wusa /uninstall /kb:3068708 /quiet /norestart
wusa /uninstall /kb:3022345 /quiet /norestart
wusa /uninstall /kb:3075249 /quiet /norestart
wusa /uninstall /kb:3080149 /quiet /norestart
You may also want to hide these updates by right-clicking on each of them and selecting Hide update. However, Microsoft may change the settings of updates in such a way that they may become unhidden.
If you did install these updates and do not wish to uninstall them, you can reduce most of this data transmission, if not eliminate it entirely, by opting out of the Customer Experience Improvement Program (CEIP) and by disabling the Diagnostics Tracking service.
In Windows 7, type Experience in the Start menu search bar.
The search menu bar. (Image Credit: Daniel Petri)
Change Customer Experience Improvement Program Settings. (Image Credit: Daniel Petri)
The Windows Start menu in Windows 8. (Image Credit: Daniel Petri)
Disabling CEIP for Windows Media Player. (Image Credit: Daniel Petri)
Disabling CEIP in Microsoft Office programs. (Image Credit: Daniel Petri)
In addition, you may also want to disable the Diagnostics Tracking service. To do so, open the Services snap-in on your computer.
In Windows 7, you can access it by typing Services in the Start menu search bar, or by right-clicking Computer, then clicking Manage.
Double-click the Diagnostics Tracking service, change the startup type to Disabled, click Stop, then click OK to confirm.
In Windows 8/8.1, you can access it by typing Services in the Start page, or by right-clicking the Start button (in 8.1) then clicking Computer Management.
Double-click the Diagnostics Tracking service, change the startup type to Disabled, click Stop, then click OK.
It’s recommended to reboot your computer.
On both operating systems you may also use the “sc” command from the Command Prompt, or the “Set-Service” cmdlet from PowerShell.
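The PowerShell route mentioned above, combined with a check for the four updates named in the uninstall commands, can be scripted as follows. This is an added example, not part of the original article; it assumes the service's short name is DiagTrack (the article gives only the display name) and that it runs from an elevated prompt.

```powershell
# Added example: audit the updates named in the article and, with -Disable,
# stop and disable the Diagnostics Tracking service.
# Assumption: the service short name is "DiagTrack" (not stated on the page).
# Uses only cmdlets available in PowerShell 2.0, so it also runs on Windows 7.
param([switch]$Disable)

$kbs         = 'KB3068708', 'KB3022345', 'KB3075249', 'KB3080149'
$serviceName = 'DiagTrack'   # assumed short name of the service

# 1. Report which of the listed updates are installed.
#    Filtering the full list avoids the error Get-HotFix -Id raises
#    when an update is absent.
$installed = @(Get-HotFix | Where-Object { $kbs -contains $_.HotFixID } |
               ForEach-Object { $_.HotFixID })
foreach ($kb in $kbs) {
    $state = if ($installed -contains $kb) { 'INSTALLED' } else { 'not installed' }
    Write-Output ("{0}: {1}" -f $kb, $state)
}

# 2. Report the service state. Win32_Service is used because Get-Service
#    in PowerShell 2.0 does not expose the startup type.
function Get-TrackingService {
    Get-WmiObject -Class Win32_Service -Filter "Name='$serviceName'"
}

$svc = Get-TrackingService
if (-not $svc) {
    Write-Output "Service '$serviceName' not found on this machine."
    return
}
Write-Output ("{0}: State={1}, StartMode={2}" -f $svc.Name, $svc.State, $svc.StartMode)

# 3. Optionally stop the service and set its startup type to Disabled,
#    the same change the Services snap-in steps make.
if ($Disable) {
    Stop-Service -Name $serviceName -Force -ErrorAction SilentlyContinue
    Set-Service  -Name $serviceName -StartupType Disabled
    $svc = Get-TrackingService
    Write-Output ("After change: State={0}, StartMode={1}" -f $svc.State, $svc.StartMode)
}
```

Run it without arguments for a read-only report; re-run the report after each Windows Update cycle to catch an update that has reinstalled or a service that has been re-enabled.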
You can also control these settings from Group Policy Objects (GPOs).
Copyright ©2019 BWW Media Group