Heise says that, unbeknownst to end users, Windows Update sends data to a server at http://genuine.microsoft.com when a user refuses to install the software. The data transmitted includes encrypted strings as well as information about the user's version of Windows, the version of the WGA notification tool, and the language of the operating system. According to Heise, Microsoft might even be able to identify individual computers with some of this information.
The site asked Microsoft about the subject, but the company said the purpose of the data collection was to "improve the quality of the WGA for users," and that the data did not identify end users. Nonetheless, the company reportedly declined to explain why the software doesn't inform the end user that data is being sent—or ask for his or her consent.
WGA notification cancellation sends data to Microsoft
Posted on Thursday, March 08 2007 @ 16:10 CET by Thomas De Maesschalck