Security patch, at that! Microsoft, in their relentless quest to ensure that as many people upgrade to Windows 10 as early as possible, may have pulled off a sneaky little trick.
There are reports that the software titan has installed a new ad generating routine into IE.
Via a security patch that was rolled out this Tuesday, during the monthly Patch Tuesday update cycle.
The software titan has documented everything, albeit in the most obscure manner possible. But vague or not, many people believe that disguising an ad generator inside a security patch is very much crossing the line.
Anyway, MS16-023 is the security patch for Internet Explorer this time around, and Microsoft explains this as following:
“This security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage in Internet Explorer… Additionally, this security update includes several nonsecurity-related fixes for Internet Explorer.”
Remote code execution, all fine. But the non-security related bit is the interesting part here. The KB article above has the company further listing six such fixes, one of which is KB3146449. And this is the one that brings the ads to the browser:
“This update adds functionality to Internet Explorer 11 on some computers that lets users learn about Windows 10 or start an upgrade to Windows 10.”
Essentially, this is a way for the company to educate users that the new OS is out.
Several machines are now showing a little blue banner when a user opens a new tab, which says that Microsoft recommends upgrading to Windows 10.
The important thing to note here is that 3146449 is not deployed separately, meaning it is not possible to manually remove it. It does not appear in the installed updates list, and this update is pretty much baked into the IE security patch KB3139929.
Leaving no choice for users that want to remove the ads, but to remove the security patch entirely.
Computers that are attached to corporate domains are spared, but the general users have no choice but to keep this patch installed if they want to stay on the safe side of things.