Cyber Espionage
Microsoft Accused of Hiding Data via UCPD.sys to Monitor Chinese Users
Xin Lang Cai Jing· 2025-09-19 04:23
Core Viewpoint - Microsoft is accused of using UCPD.sys to secretly monitor Chinese users by hiding encrypted data and releasing unknown programs to collect user data, with automatic activation of monitoring features in China [1]

Group 1: Data Monitoring Allegations
- Technical experts claim that Microsoft utilizes UCPD.sys to conceal encrypted data and deploy unknown programs for user data collection [1]
- The code is reported to automatically activate monitoring and upload "telemetry data" specifically for users in China [1]

Group 2: Software Interception
- The system reportedly includes mechanisms to intercept Chinese software, which is suggested to maintain Microsoft's market monopoly [1]

Group 3: Previous Reports
- Earlier in April, state media reported that the U.S. National Security Agency exploited backdoors in Windows for cyber espionage against China [1]
- Microsoft has not provided an official response to these allegations [1]

U.S. Exploited Microsoft Exchange Vulnerability to Attack Our Military-Industrial Enterprises! Details Disclosed
Zhong Guo Xin Wen Wang· 2025-08-01 02:45
Core Insights - The article highlights the increasing frequency and sophistication of cyberattacks by U.S. intelligence agencies targeting China's high-tech military and defense sectors, posing significant threats to national security [1][4]

Group 1: Cyberattack Incidents
- A notable incident involved the exploitation of a zero-day vulnerability in Microsoft Exchange, where U.S. intelligence agencies controlled a major military enterprise's email server for nearly a year, compromising over 50 critical devices and establishing covert channels for data theft [1][2]
- Attackers utilized multiple foreign IP addresses to launch over 40 attacks, successfully stealing emails from 11 individuals, including high-ranking officials, related to military product designs and core system parameters [2]
- Another incident targeted a military communications and satellite internet enterprise, where attackers exploited unauthorized access and SQL injection vulnerabilities to implant backdoor programs and malware, compromising over 300 devices and searching for sensitive data related to military networks [3]

Group 2: Threat Landscape
- In 2024 alone, there were over 600 cyberattack incidents against important Chinese entities, with the defense and military sectors being the primary targets, particularly from state-sponsored APT organizations [4]
- U.S. intelligence-backed hacker groups are characterized by their organized attack teams, extensive engineering support systems, and advanced vulnerability analysis capabilities, posing a severe threat to China's critical information infrastructure and key personnel [4]