A revealing report over at theInquirer says that the Group Policy components in Windows 10 Enterprise edition may not be functionality correctly. After altering the PC settings using GPO, those switches are continually reset to the default. This is particularly concerning for some of the privacy settings for Windows 10.
The security researcher, Mark Burnett (@m8urnett), went on to show that with teredo IPv6 disabled, the system still checks for IPv6 connectivity. SmartScreen is disabled but it still connects. Telemetry is disabled. Still connects. Error reporting disabled. Still connects. Sync-related services all disabled at a group level. Still connects.
Online KMS validation disabled, still connects. All connections except Updates to Microsoft blocked. Still connects to a range of ad servers. Yes advertising servers. Burnett confirms that all these calls are made by Windows 10, not by any apps.
Microsoft has responded to the situation, but only to say that there are ways of turning this stuff off, but the company suggests that companies don’t do it because it disrupts user experiences and security.
This issue could potentially be big. We’ll just have to wait and see how Microsoft ultimately responds beyond a quick PR blurb.
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!