Microsoft(US:MSFT) 国芯网·2025-09-16 14:23Core Viewpoint - The article highlights concerns regarding Microsoft's UCPD.sys, which is alleged to contain a backdoor that monitors Chinese users and restricts the use of domestic software, raising issues of privacy and unfair competition [1][12][13]. Summary by Sections Microsoft UCPD.sys Overview - UCPD.sys is described as a "User Choice Protection Driver" intended to prevent unauthorized changes to default applications, but it is revealed to have complex functionalities that extend beyond its stated purpose [2][12]. - The driver reportedly writes encrypted data in the system registry, allowing Microsoft to monitor changes and potentially execute unknown programs without user consent [2][12]. Monitoring of Chinese Users - UCPD.sys activates additional monitoring features specifically for users in China, including logging detailed system activities and sending this data back to Microsoft [3][4][5]. - The logs include comprehensive information such as process names, registry paths, and version details, which can reconstruct user software preferences and habits [5][6]. Discriminatory Practices Against Chinese Software - The article notes that UCPD.sys has a built-in mechanism to restrict certain Chinese software, including popular applications from companies like 360, Tencent, and WPS [6][10]. - A three-tiered blacklist system is employed, which includes checks on digital signatures, process names, and installation paths to block Chinese software [8][10][11]. Implications of Remote Code Execution - The existence of a remote code execution mechanism within UCPD.sys is highlighted as a significant security risk, effectively creating a backdoor in the system [12]. - The article references past incidents where U.S. intelligence agencies exploited vulnerabilities in Microsoft products to conduct cyberattacks on Chinese entities, raising further concerns about the security of international products [12][13]. Trust and Privacy Concerns - The article concludes that Microsoft's actions may undermine user trust, transforming the company from a privacy protector to a potential surveillance entity, which could have broader implications for user privacy and data security [12][13].