So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster.

How can you push a tool that siphons data to a third party onto a security-critical system?

What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this?

#infosec #security #openai #microsoft #windowsserver #copilot

shuv (@shuv1337) on X

@kennethvs I assumed this was just bait, but I logged into my 2022 Server and it looks like it just installed itself today.


@sos Well. They said, it installed 'itself'. That's the answer. It's looking for a home, you see? 😂

Jokes aside, what a sh*t show. 👎

@sos didn't they *just* revert course on this in Server 2025?
@sos @nixCraft There’s no way I’ll ever run Windows Server
@sos this reinforces my efforts to ditch MS since they decided to force ads on me. My server is 2019, but I'll still be blowing that away soon enough
@sos What an absolute disgrace

@sos The Problem is to install Windows Server and then use it as a security-critical system...

And obviously give it access to the internet.

@schenklklopfer @sos The Problem is installing Windows Server FULLSTOP
@pebo @schenklklopfer @sos Could as well have stopped after "Windows".
@hllizi @schenklklopfer @sos
Sure, added this. Thanks for the reminder.
@schenklklopfer @sos The Problem is installing Windows
FULLSTOP
@sos It's already installed in Outlook.
I've literally seen ai.exe running on my windows computer for work. I keep deleting the executable but every now and then it grows back.
@sos
I also stumbled across this and uninstalled it immediately, not knowing when it was installed

@sos For your information this is not the full blown Microsoft Copilot, it is just a Webapp feature of Microsoft Edge. Look at the size of the Microsoft Copilot listed in the "Apps & features" screenshot.

More information here: https://windowsreport.com/copilot-is-getting-installed-again-on-windows-server-but-you-can-get-rid-of-it-with-this-policy-setting/

Copilot is getting installed (again) on Windows Server, but you can get rid of it with this policy setting

Many Windows Server users discovered that Copilot installed automatically on their machines. Here's why and how to get rid of it!

@hazenet "don’t panic. Even if Copilot is installed on Windows Server, you can get rid of it." WHAT?
@sos
That guy's got the jokes lol
@hazenet
@sos One more argument for using Linux on servers... As if the list wasn't long enough...
@sos NOW is it time to dump Microsoft? I think /maybe/ so... but what do /I/ know?
@sos tbh not really surprising news but rather something that could be expected
@sos 8kb is the best compression I've seen so far :)
@sos My guess is Microsoft needs this 😬

@sos

I got tired of their shit when they started forcing updates. Haven't used Windows privately or professionally for more than a decade.

@AlexanderESmith I'm a gamedev so I'm stuck with this, but gonna phase out Server after this for sure.
@sos
Critical systems hopefully don't run Windows
@sos This won't ever go over well in highly secure environments.
@sos now we wait for various companies to have problems with data leaks caused by copilot trying to be "helpful"

@sos

Liking my Linux Mint home server more every day.

@sos I think the inference here is… if it runs Windows, it clearly isn't "security critical".

Otherwise it wouldn't have cruft like Microsoft Copilot on there.

@sos How? With whatever tooling they use to do something like this.

Why? Because they’re allowed to.
Underlying reason: Capitalism.

Not at all surprising, is it? If you allow someone to do something, they will at some point.

@sos they really want number to go up, huh
@sos Also onto Windoz 10 without permission at all.
@sos how many people use windows server anyway?
@error420 @sos my small 5 people company alone takes care of like 100+.... (Including virtual windows servers, running on a windows server hyperV)
@sos This is absolutely insane wtf

@sos

I'm now down to my one last Microsoft app, which runs on a virtual Windows 10 machine. I am looking forward to never seeing anything of theirs again...

@Walrus @sos One app to bring them all, and in the darkness bind them?

Which one is it?

@miblo @sos

An old version of OneNote, as I have been using it for yonks, and have found nothing better for the job. I think M$ bought it, rather than writing it, and they've been adding unwanted extra "features" until the latest version is unusable...

@Walrus @sos Oh cool, seems pretty sweet. I've wondered about trying an outliner – https://en.wikipedia.org/wiki/Outliner – for my own notes, but still just do it all manually in text files! Even with the occasional table like this:

@sos at least it is uninstallable, unlike other apps?
@sos fking malware behaviour
@sos @pluralistic #Alt4You image description (you may be able to update your post to make it more accessible): “I assumed this was just bait, but I logged into my 2022 Server and it looks like it just installed itself today,” reads post with screenshot of copilot in list of software from a post by shuv1337

@sos I also get a warning about #MS installing some chat bot into my chrome browser every couple of months.

Something about "#BGAUpsell" - but so far I couldn't find much about it. It doesn't seem to be a virus... but one would expect an outcry about MS hijacking other programs. I guess that's normal now.

https://mastodon.coffee/@oxpal/110899517738380667

Thomas Schmall (@oxpal@mastodon.coffee)

I'm getting #Bing Popups on my PC. And the only explanation I found is that it's truly #Microsoft installing Adware and hijacking #GoogleChrome settings via #MicrosoftEdge updates. I'm not sure though, since I see no outcry about this #BGAUpsell app. This just can't be legal, right?

@sos thanks for the heads-up - installed, uninvited, on 2024-03-29 and removed by me, today.
@sos People running a gaming OS on a server probably knew what they were getting themselves into. Hopefully.
@xerge a licence for this costs 1000 euros, I don't think anyone knew :P
@sos I can only laugh. Wtf were they thinking? Who sat in the meeting where this was approved? It’s. Just. Words fail me.
@sos
They don't care about you, their customer

@sos I don't believe MicroSoft can make a lightweight telemetry tool and less one that fits into 8KiB of storage.

It's a stub as of now but they can probably update the app and tell the user that they already had the app installed.

Or it could be an add-on for Microsoft's ADs in Windows engine so they can advertise CoPilot in the Windows file explorer and MS Paint.

@sos My guess is they aren't enabling Copilot on servers at least for the time being, but they don't want to do the work on the dependencies on it that will crop up in other Windows components, so they just bundle the whole thing.
@sos Or it's a screw up and they pushed it by mistake.
@sos I should say I like Copilot and use it all the time on my personal machines despite the downsides. It should be very easy to remove though, and it isn't.
@sos tfw you don't read the EULA...
@sos server needs autopilot few minutes before the crash ;)..

@sos Such slimy behavior.

Does anyone have a link to a well-researched article about what data exposure there is from this if you don't actually use Copilot?

@sos 'Windows' and 'server' in one sentence 🤣
@sos kind of interesting to see they're doing the android thing of hiding the resource use of Really Heavy Software behind "oh that's actually the SYSTEM" like how Google Play Services doesn't use your battery or disk space, it's the ANDROID SYSTEM
ignore that if you rip it out your battery life triples and you have twice as much space

@sos

oh hey new era of "AI computing" lol. Also a new era of data privacy being compromised.