Windows 10: HOSTS file blocking telemetry is now flagged as a risk

Like having control of what gets sent to Microsoft? I looks like you’re considered a ‘Severe’ threat…:

[…] Since the end of July, Windows 10 users began reporting that Windows Defender had started detecting modified HOSTS files as a ‘SettingsModifier:Win32/HostsFileHijack’ threat.

When detected, if a user clicks on the ‘See details’ option, they will simply be shown that they are affected by a ‘Settings Modifier’ threat and has ‘potentially unwanted behavior,’ as shown below.

SettingsModifier:Win32/HostsFileHijack detection
SettingsModifier:Win32/HostsFileHijack detection

BleepingComputer first learned about this issue from BornCity, and while Microsoft Defender detecting HOSTS hijacks is not new, it was strange to see so many people suddenly reporting the detection [1, 2, 3, 4, 5].

While a widespread infection hitting many consumers simultaneously in the past is not unheard of, it is quite unusual with the security built into Windows 10 today.

This led me to believe it was a false positive or some other non-malicious issue.

After playing with generic HOSTS file modifications such as blocking BleepingComputer and other sites, I tried adding a blocklist for Microsoft’s telemetry to my HOSTS file.


Original article here