<!--#include virtual="/server/header.html" -->
<!-- Parent-Version: 1.84 -->
<title>Microsoft's Software Is Malware
- GNU Project - Free Software Foundation</title>
 <!--#include virtual="/proprietary/po/malware-microsoft.translist" -->
<!--#include virtual="/server/banner.html" -->

<h2>Microsoft's Software is Malware</h2>

<p><a href="/proprietary/proprietary.html">Other examples of proprietary

<div class="highlight-para">
<em>Malware</em> means software designed to function in ways that
mistreat or harm the user.  (This does not include accidental errors.)
This page explains how Microsoft software is malware.

Malware and nonfree software are two different issues.  The difference
between <a href="/philosophy/free-sw.html">free software</a> and
nonfree software is in
<a href="/philosophy/free-software-even-more-important.html">
whether the users have control of the program or vice versa</a>.  It's
not directly a question of what the program <em>does</em> when it
runs.  However, in practice nonfree software is often malware,
because the developer's awareness that the users would be powerless to fix
any malicious functionalities tempts the developer to impose some.

<p>If you know of an example that ought to be in this page but isn't
here, please write
to <a href="mailto:webmasters@gnu.org">&lt;webmasters@gnu.org&gt;</a>
to inform us. Please include the URL of a trustworthy reference or two
to present the specifics.</p>

<div class="summary" style="margin-top: 2em">
<h3>Type of malware</h3>
<li><a href="#back-doors">Back doors</a></li>
<!--<li><a href="#censorship">Censorship</a></li>-->
<li><a href="#insecurity">Insecurity</a></li>
<li><a href="#sabotage">Sabotage</a></li>
<li><a href="#interference">Interference</a></li>
<li><a href="#surveillance">Surveillance</a></li>
<li><a href="#drm">Digital restrictions
    management</a> or “DRM” means functionalities designed
    to restrict what users can do with the data in their computers.</li>
<li><a href="#jails">Jails</a>—systems
    that impose censorship on application programs.</li>
<li><a href="#tyrants">Tyrants</a>—systems
    that reject any operating system not “authorized” by the
<li><a href="#subscriptions">Subscriptions</a></li>

<h3 id="back-doors">Microsoft Back Doors</h3>
  <li><p><a href="https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/">
  Microsoft has already backdoored its disk encryption</a>.</p></li>

  <li><p>Microsoft Windows has a universal back door through which <a href="http://www.informationweek.com/microsoft-updates-windows-without-user-permission-apologizes/d/d-id/1059183">
  any change whatsoever can be imposed on the users</a>.</p>

  <p>More information on when <a href="http://slated.org/windows_by_stealth_the_updates_you_dont_want">
  this was used</a>.</p>

  <p>In Windows 10, the universal back door is no longer hidden; all “upgrades” will be
  <a href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">forcibly and immediately imposed</a>.</p></li>

  <li><p><a href="http://www.computerworld.com/article/2500036/desktop-apps/microsoft--we-can-remotely-delete-windows-8-apps.html">
  Windows 8 also has a back door for remotely deleting apps</a>.</p>

  <p>You might well decide to let a security service that you trust
  remotely <em>deactivate</em> programs that it considers malicious.
  But there is no excuse for <em>deleting</em> the programs, and you
  should have the right to decide who (if anyone) to trust in this way.</p></li>

  <li><p>German government <a href="https://web.archive.org/web/20160310201616/http://drleonardcoldwell.com/2013/08/23/leaked-german-government-warns-key-entities-not-to-use-windows-8-linked-to-nsa/">veers
      away from Windows 8 computers with TPM 2.0 due to potential back
      door capabilities of the TPM 2.0 chip</a>.</p>

<li id="windows7-back-door"><p>Users reported that <a 
    Microsoft was forcing them to replace Windows 7 and 8 with all-spying 
    Windows 10</a>.</p>

    <p>Microsoft was in fact <a 
    attacking computers that run Windows 7 and 8</a>, switching on a flag 
    that said whether to “upgrade” to Windows 10 when users 
    had turned it off.</p>

    <p>Later on, Microsoft published instructions on <a 
    how to permanently reject the downgrade to Windows 10</a>.</p>

    <p>This seems to involve use of a back door in Windows 7 and 8.</p>


<h3 id="insecurity">Microsoft Insecurity</h3>

<p>These bugs are/were not intentional, so unlike the rest of the file
  they do not count as malware. We mention them to refute the
  supposition that prestigious proprietary software doesn't have grave


  <p>Exploits of bugs in Windows, which were developed by the NSA
	and then leaked by the Shadowbrokers group, are now being used to
	<a href="https://theintercept.com/2017/05/12/the-nsas-lost-digital-weapon-is-helping-hijack-computers-around-the-world/">attack a great number
	of Windows computers with ransomware</a>.

    <li><p>A <a href="http://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw in Internet Explorer and Edge</a>
    allows an attacker to retrieve Microsoft account credentials, if
    the user is tricked into visiting a malicious link.</p>
<p><a href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
Point-of-sale terminals running Windows were taken over and turned
into a botnet for the purpose of collecting customers' credit card


<h3 id="sabotage">Microsoft Sabotage</h3>

<p>The wrongs in this section are not precisely malware, since they do
not involve making the program run in a way that hurts the user.
But they are a lot like malware, since they are technical Microsoft
actions that harm the users of specific Microsoft software.</p>

  <li><p> Microsoft
      <a href="https://arstechnica.com/information-technology/2017/04/new-processors-are-now-blocked-from-receiving-updates-on-old-windows/">
	has dropped support for Windows 7 and 8 on recent processors</a>
      in a big hurry.</p>
    <p>It makes no difference what legitimate reasons Microsoft might
      have for not doing work to support them. If it doesn't want to
      do this work, it should let users do the work.</p>

    <p>Microsoft has made Windows 7 and 8 cease to function on certain
      new computers,
      <a href="https://support.microsoft.com/en-us/help/4012982/the-processor-is-not-supported-together-with-the-windows-version-that">effectively
      forcing their owners to switch to Windows 10</a>.</p>

  <li><p>Once Microsoft has tricked a user into accepting installation
   of Windows
   10, <a href="http://www.theregister.co.uk/2016/06/01/windows_10_nagware_no_way_out/">they
   find that they are denied the option to cancel or even postpone the
   imposed date of installation</a>.
   <p>This demonstrates what we've said for years: using proprietary
   software means letting someone have power over you, and you're
   going to get screwed sooner or later.</p></li>

  has <a href="http://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake">desupported
  all future Intel CPUs for Windows 7 and 8</a>. Those machines will
  be stuck with the nastier Windows 10.
  <a href="http://gizmodo.com/only-the-latest-version-of-windows-will-run-on-some-fut-1753545825">
  AMD and Qualcomm CPUs, too</a>.
  <p>Of course, Windows 7 and 8 are unethical too, because they are
  proprietary software.  But this example of Microsoft's wielding its
  power demonstrates the power it holds.
  <p>Free software developers also stop maintaining old versions of
  their programs, but this is not unfair to users because the
  users of free software have control over it.  If it is important
  enough to you, you and other users can hire someone to support
  the old version on your future platforms.

    is <a href="http://gizmodo.com/woman-wins-10-000-from-microsoft-after-unwanted-window-1782666146">
    forcibly pushing Windows
    update to its version 10</a>, ignoring the flag on Windows 7 or 8
    that you could set to not upgrade.  This reaffirms the presence of
    a <a href="/proprietary/proprietary-back-doors.html">universal
    back door in Windows</a> 7 and 8.</p></li>

  <li><p>Windows 10 “upgrades” <a
      delete applications</a> without asking permission.</p></li>

  Microsoft is <a href="http://www.theguardian.com/technology/2015/sep/11/microsoft-downloading-windows-1">
  repeatedly nagging many users to install Windows 10</a>.

Microsoft was for months <a
tricking users into “upgrading” to Windows 10</a>, if they
failed to notice and say no.

  Microsoft informs the NSA of bugs in Windows before fixing them.</a></p></li>

  <li><p><a href="http://www.computerworlduk.com/blogs/open-enterprise/windows-xp-end-of-an-era-end-of-an-error-3569489/">
  Microsoft cut off security fixes for Windows XP, except to some big users
  that pay exorbitantly.</a></p>

  <p>Microsoft is going to
  <a href="http://www.computerworlduk.com/news/security/3605515/more-than-half-of-all-ie-users-face-patch-axe-in-10-months/">
  cut off support for some Internet Explorer versions</a> in the same way.</p>

  <p>A person or company has the right to cease to work on a
  particular program; the wrong here is Microsoft does this after having
  made the users dependent on Microsoft, because they are not free to ask
  anyone else to work on the program for them.</p></li>

<h3 id="interference">Microsoft Interference</h3>

<p>Various proprietary programs often mess up the user's system. They are like sabotage, but they are not grave enough to qualify 
for the word “sabotage”. Nonetheless, they are nasty and wrong. This section describes examples of Microsoft committing

  <li><p>Microsoft is planning to make Windows <a
      impose use of its browser, Edge, in certain circumstances</a>.</p>
    <p>The reason Microsoft can force things on users is that Windows is

  <li><p>Windows displays
      <a href="http://www.theverge.com/2017/3/17/14956540/microsoft-windows-10-ads-taskbar-file-explorer">
	intrusive ads for Microsoft products and its
	partners' products</a>.</p>
    <p>The article's author starts from the premise that Microsoft
      has a right to control what Windows does to users, as long as it
      doesn't go “too far”. We disagree.</p></li>
  <li><p>Microsoft inserts <a
      annoying advertisements inside of the File Explorer</a> to nag
      users to buy subscriptions for the OneDrive service.</p></li>

<li>In order to increase Windows 10's install base, Microsoft
blatantly disregards user choice and privacy</a>.

<li><p>Microsoft has
started <a href="https://www.theguardian.com/technology/2016/jul/04/microsoft-windows-10-full-screen-upgrade-notification-pop-up-reminder">nagging
users obnoxiously and repeatedly to install Windows 10</a>.</p></li>

      <a href="http://news.softpedia.com/news/windows-10-upgrade-reportedly-starting-automatically-on-windows-7-pcs-501651.shtml">is
        users</a> <a
into replacing Windows 7 with Windows 10</a>.</p></li>

  <li><p>Microsoft has made companies' Windows machines managed by the
sysadmins <a href="http://www.infoworld.com/article/3042397/microsoft-windows/admins-beware-domain-attached-pcs-are-sprouting-get-windows-10-ads.html">harangue
users to complain to the sysadmins about not “upgrading” to Windows

<h3 id="surveillance">Microsoft Surveillance</h3>


<li><p>Windows 10 telemetry program sends information to Microsoft about the
user's computer and their use of the computer.</p>

<p>Furthermore, for users who installed the fourth stable build of
Windows 10, called the “Creators Update,” Windows maximized the
surveillance <a
    by force setting the telemetry mode to “Full”</a>.</p>

<p>The <a
 “Full” telemetry mode</a> allows Microsoft Windows
 engineers to access, among other things, registry keys
 <a href="https://technet.microsoft.com/en-us/library/cc939702.aspx">which
 can contain sensitive information like administrator's login

<li><p>Windows DRM
files <a href="https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users">can
be used to identify people browsing through Tor</a>. The vulnerability
exists only if you use Windows.

<li><p>By default, Windows 10 <a href="http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties">sends
debugging information to Microsoft, including core dumps</a>. Microsoft
now distributes them to another company.</p></li>

<li>It appears <a
Windows 10 sends data to Microsoft about what applications are 

<li><p>A downgrade to Windows 10 deleted surveillance-detection
applications.  Then another downgrade inserted a general spying
program.  Users noticed this and complained, so Microsoft
renamed it <a
to give users the impression it was gone</a>.</p>

<p>To use proprietary software is to invite such treatment.</p></li>

  <a href="https://duo.com/blog/bring-your-own-dilemma-oem-laptops-and-windows-10-security">
  Windows 10 comes with 13 screens of snooping options</a>, all enabled by default,
  and turning them off would be daunting to most users.</p></li>

  Windows 10 <a href="https://web.archive.org/web/20151001035410/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/">
  ships with default settings that show no regard for the
  privacy of its users</a>, giving Microsoft the “right”
  to snoop on the users' files, text input, voice input,
  location info, contacts, calendar records and web browsing
  history, as well as automatically connecting the machines to open
  hotspots and showing targeted ads.</p>

  <p>We can suppose Microsoft looks at users' files for the US government on
  demand, though the “privacy policy” does not explicitly say so. Will it
  look at users' files for the Chinese government on demand?</p></li>

  <a href="http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">
  Windows 10 sends identifiable information to Microsoft</a>, even if a user
  turns off its Bing search and Cortana features, and activates the
  privacy-protection settings.</p></li>

  <li><p>The unique “advertising ID” for each user enables other companies to
  track the browsing of each specific user.</p></li>

  <li>Spyware in Windows 8: <a href="https://web.archive.org/web/20160313105805/http://www.theregister.co.uk/2003/02/28/windows_update_keeps_tabs/">
  Windows Update snoops on the user.</a>
  <a href="https://www.infoworld.com/article/2611451/microsoft-windows/a-look-at-the-black-underbelly-of-windows-8-1--blue-.html">
  Windows 8.1 snoops on local searches.</a> And there's a
  <a href="http://www.marketoracle.co.uk/Article40836.html">
  secret NSA key in Windows</a>, whose functions we don't know.</li>

  <a href="http://www.itproportal.com/2014/05/14/microsoft-openly-offered-cloud-data-fbi-and-nsa/">
  Microsoft SkyDrive allows the NSA to directly examine users' data.</a></p>

  <li><p>Spyware in Skype:
      <a href="http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/">
      Microsoft changed Skype
      <a href="http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
      specifically for spying</a>.</p>

  Microsoft uses Windows 10's “privacy policy” to overtly impose a
  “right” to look at users' files at any time. Windows 10 full disk
  encryption <a href="https://edri.org/microsofts-new-small-print-how-your-personal-data-abused/">
  gives Microsoft a key</a>.</p>

  <p>Thus, Windows is overt malware in regard to surveillance,
  as in other issues.</p>

  <p>We can suppose Microsoft looks at users' files for the US government on
  demand, though the “privacy policy” does not explicitly say so. Will it
  look at users' files for the Chinese government on demand?</p>

  <p>The unique “advertising ID” for each user enables other companies to
  track the browsing of each specific user.</p>

  <p>It's as if Microsoft has deliberately chosen to make Windows 10
  maximally evil on every dimension; to make a grab for total power
  over anyone that doesn't drop Windows now.</p></li>


<h3 id="drm">Microsoft DRM</h3>
  <li><p><a href="http://arstechnica.com/apple/2007/08/aacs-tentacles/">
  DRM (digital restrictions mechanisms) in Windows</a>, introduced to
  cater to <a href="/proprietary/proprietary-drm.html#bluray">Bluray</a> disks.
  (The article also talks about how the same malware would later be introduced
  in MacOS.)</p></li>

<h3 id="jails">Microsoft Jails</h3>
    <p>Windows 10 S was a jail: <a href="https://www.theguardian.com/technology/2017/may/03/windows-10-s-microsoft-faster-pc-comparison">only
      programs from the Windows Store could be
      installed and executed</a>. It was however possible to <a
      upgrade to Windows 10 Pro</a>. The successor of Windows 10 S is a
      special configuration of Windows 10 called <a
      S mode</a>. The major difference with Windows 10 S is that there
      is an easy way to switch out of S mode.</p></li>

  <li><p><a href="http://www.itworld.com/article/2832657/operating-systems/microsoft-metro-app-store-lock-down.html">
      Windows 8 on “mobile devices” (now defunct) was a jail</a>: it censors the
  user's choice of application programs.</p></li>

<h3 id="tyrants">Microsoft Tyrants</h3>
<p>Microsoft accidentally left a way for users to install GNU/Linux
on Windows RT tablets, but now it has <a
    “fixed” the “error”</a>. They have the
gall to call this “protecting” the users.  The article
talks of installing “Linux”, but the context shows it is
really <a href="/gnu/linux-and-gnu.html">GNU/Linux</a> that users
  <li><p><a href="http://fsf.org/campaigns/secure-boot-vs-restricted-boot/">
  Mobile devices that come with Windows 8 are tyrants</a>: they block
  users from installing other or modified operating systems.</p></li>

<h3 id="subscriptions">Microsoft Subscriptions</h3>

<li><p>Microsoft Office forces
      users <a href="https://www.computerworld.com/article/2948755/windows-apps/office-for-windows-10-will-require-office-365-subscription-on-pcs-larger-tablets.html">to
      subscribe to Office 365 to be able to create/edit

<p>As this page shows, if you do want to clean your computer of malware,
the first software to delete is Windows.</p>

</div><!-- for id="content", starts in the include above -->
<!--#include virtual="/server/footer.html" -->
<div id="footer">
<div class="unprintable">




<p>Copyright © 2014, 2015, 2016, 2017, 2018 Free Software Foundation, Inc.</p>

<p>This page is licensed under a <a rel="license"
Commons Attribution 4.0 International License</a>.</p>

<!--#include virtual="/server/bottom-notes.html" -->

<p class="unprintable">Updated:
<!-- timestamp start -->
$Date: 2018/07/25 02:00:51 $
<!-- timestamp end -->