Forum Discussion
BITS Downloading App updates from unknown endpoint
I found this - which appears to be a list of all the endpoints Windows 10 20H2 talks to ..
https://docs.microsoft.com/en-us/windows/privacy/manage-windows-20h2-endpoints
But if you read how they got this list, you realise Microsoft don't actually know all the endpoints they use - this was just someone in MS with a network scanner.
J.
<--
The following methodology was used to derive these network endpoints:
- Set up the latest version of Windows 10 on a test virtual machine using the default settings.
- Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device).
- Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic.
- Compile reports on traffic going to public IP addresses.
- The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory.
- All traffic was captured in our lab using a IPV4 network. Therefore, no IPV6 traffic is reported here.
- These tests were conducted in an approved Microsoft lab. It's possible your results may be different.
- These tests were conducted for one week, but if you capture traffic for longer you may have different results.
-->
JasonC2021 Thanks for checking this out. It appears that article does not contain any of the endpoints we are seeing, although it is dated. Unfortunate that they do not keep a complete list of contacted endpoints.
Have you noticed any further strange activity stemming from your devices since this started happening?
A bit worrying that I have not seen any further mention of these endpoints online