
[Gearbest Technology News] Recently, a technical expert published an article on a public account, analyzing in detail the behavior of the Microsoft Windows system hiding backdoors and reporting Chinese user data in the background.
The article stated that UCPD.sys in the Windows system will continuously monitor changes in registry keys. Once data writing is detected, it will secretly release the program like a Trojan horse. This goes far beyond the scope of “protecting default settings.” What’s even more shocking is that it has a built-in set of accurate discrimination algorithms for Chinese users, while for users in other regions such as Europe and the United States, these intrusive functions will not be triggered at all. This means that in the globalized cyber confrontation, the Microsoft operating system used by Chinese users may become a breakthrough point for overseas attackers to penetrate critical information infrastructure.
According to Gearbest, the UCPD driver (User Choice Protection Driver) has been the subject of constant controversy since it was launched on Windows systems. Microsoft has previously made a lot of updates around this driver. Microsoft's official explanation for the updates is: “Protect the default applications set by users from being modified by third-party software.” However, users found that there was something fishy behind the program. In the European Union, Microsoft's UCPD program does not interfere much with user behavior. However, users outside the EU, including in China, will be “blocked” by this program when switching default applications, and their choices will even automatically revert to the system's own applications after a system update or restart.
In fact, this is not the first time that a major American company has been involved in a backdoor scandal. In July 2025, the Cyberspace Administration of China formally interviewed Nvidia and asked it to explain the “vulnerability backdoor” security risks of H20 computing power chips sold to China. In April 2025, CCTV reported that the U.S. National Security Agency sent unknown encrypted bytes to multiple specific devices with Microsoft Windows operating systems in Heilongjiang Province during the Asian Winter Games, suspected to be a specific backdoor reserved in advance for waking up and activating Microsoft Windows operating systems.

