Is GWX technically malware?

Question

GWX, otherwise known as the "Get Windows 10" popup, acts suspiciously similar to malware, except that it is made by Microsoft.

Like malware, GWX:

• installs itself without the user's consent as an "important" update
• downloads and "preloads" 6 GB worth of Windows 10 installation files without the user's consent
• constantly nags the user about downloading Windows 10
• actively prevents the user from disabling it permanently
• changes its behavior through the addition of undocumented features to further prevent its disabling
• requires a special, third-party tool to be removed completely from a system
• advertises another product, even if Windows 7 users get it for free
• is a potentially unwanted program (PUP).

Even TechRadar refers to GWX Control Panel's constant development as an "uphill battle" as random updates seem to push new versions of GWX (with new tricks) to Windows 7 computers.

So, can GWX be considered malware?

Answer 1

I would call it a rather irritating annoyance, but not malware - neither technically nor substantially.

installs itself without the user's consent as an "important" update

Only if you have "important" updates set to automatically install. Otherwise, you have the chance to review the list of pending updates, and uncheck (or hide for good) KB 3035583 which installs the "Get Windows 10" applet.

Needless to say, once you did enable auto-install of "important" updates, you waived your option to choose, and left it to Microsoft to decide what's "important".

actively prevents the user from disabling it permanently

There are several well documented ways to get rid of KB 3035583 if you installed it by accident, see for example How to disable the “Get Windows 10” icon shown in the notification area (tray)? or How to remove Windows 10 upgrade updates in Windows 7 and 8.

Answer 2

there is no objective definition of malware, so as such you are free to consider it what you want. The best definition I've found is here at the Oxford English Dictionary, but it includes subjective elements.

The code security industry has to make decisions on what is and what isn't malware by their assessment, as do legislatures around the world, and while those definitions may contain terms that describe GWX, the vast majority of users do not believe it to in fact be malicious, so no major entities are likely to determine it to be such.

Answer 3

From Wikipedia:

Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, or gain access to private computer systems. Malware is defined by its malicious intent, acting against the requirements of the computer user, and does not include software that causes unintentional harm due to some deficiency. The term badware is sometimes used, and applied to both true (malicious) malware and unintentionally harmful software.[2]

So IMO...

Is it a software used to:

• Disrupt computer operations? Maybe it's not designed or used to do that, but unfortunately can lead to disrupting computer operations. My opinion: almost is.
• Gather sensitive information? If you don't pay enough attention its downloads and install a software that gather sensitive information. My opinion: it is.
• Gain access to private computer systems? Fortunately it seems to not do that.

Is it:

• Defined by its malicious intent? My opinion: it is trying really hard to be.
• Acting against the requirements of the computer user? It definitively do.

And:

• Malware does not include software that causes unintentional harm due to some deficiency. Its operations definitively are intentional and carefully planed.

So objectively it subjectively can be a malware and it definitively objectively is a badware ;)

Answer 4

It is technically not malware (causes no damage), but I call it Potentially unwanted program. It is an advertising tool to annoy users to upgrade to their latest Windows.

Answer 5

No, this program does not fall into the malware category, as the program does zero damage against your computer, does not breach any privacy.

Answer 6

the way it subverts the owner and tries to force itself on us. it is very much like a Trojan down loader and indefinably is legalized malware, any process that behaves in a way that reduces the usability of a system.. is a malicious program gwx.exe creates hidden folders and then prevents the removal of said folders by ordinary means. it also is installed without consent of the user/owner of the system and that is not ethical or acceptable. it also intentionally slows down the system i have done a lot of experimenting on this. the longer you ignore it the more it slows down the system i tested this on a system with two 3.6 ghz quad core processors, the other dirty thing it does is if you do disable it it messes with the trusted installer and make-cab processes. this results in the trusted installer taking over all the ram or cpu bandwidth or both at the same time rendering the system useless my system with dual quads @3.6 ghz and 32gb of ddr3 ram was rendered useless by this thing for 29 hours. and it results in logs in the cbs logs folder that reach sizes as big as 26gb and its not one log file that size. it makes many of them and will do so until the drive is full (verified by allowing this crap to run undisturbed for 76 hours it finally stopped when it ran out of space on a 3 tb drive and crashed the system)