Telemetry is defined as system data that is uploaded by the
Connected User Experience and Telemetry component on Windows
10. The telemetry data includes information about the device,
including the hardware CPU, installed memory, storage, and how
The data is fully encrypted and it allows Microsoft to identify
security and reliability issues to analyze and fix software
problems when found on your device.
While Microsoft doesn’t allow you to completely disable
telemetry collection, you can always delete the diagnostic data
Windows has collected about you.
Telemetry is necessary for Windows 10’s development and other
companies also rely on telemetry to improve their software.
However, some Windows 10 critics see it as a form of “spying”
on the part of Microsoft.
Microsoft recently made a change to Windows 10’s built-in
antivirus software ‘Windows Defender’ or ‘Microsoft Defender’
that will warn you when you manually try to block telemetry
data by editing HOSTS file.
According to Wikipedia, HOSTS file is used to
aide the network name resolution i.e map hostnames to IP
addresses. After a recent update to Windows 10, Microsoft
Defender will specifically check to see if your HOSTS file has
been updated to block Microsoft’s telemetry servers.
If you try to edit your hosts file and block telemetry servers,
it will trigger a security warning from Windows Defender that
will prevent you from making changes.
You’ll notice that your hosts file refused to save and it will
get flagged with “SettingsModifier:Win32/HostsFileHijack” in
Windows Defender. HostsFileHijack is an important feature that
has been around for a while now and it has been designed to
block suspicious modifications to the Windows hosts file.
In our testing, when we edited the hosts file to block the
common telemetry servers, Windows Defender claimed that our
hosts file is infected with “HostsFileHijack”.
This is a severe security risk and you cannot save the updated
file unless you click on the allow button.
It’s important to note that hosts are used to infect computers
with malware and Microsoft wants you to be sure that the data
hasn’t changed. This security feature was introduced to prevent
network redirects and other malicious hacking attempts by
editing your hosts file.
Microsoft is now using Windows Defender feature to prevent
users from blocking telemetry collection by editing their hosts
file, which could be due to security or other reasons.
In the past few weeks, Microsoft also made other improvements
to Windows Defender, including the introduction of a
new feature that will prevent users from editing Registry to
disable Windows Defender protection.