Microsoft WUDO (Windows Update Delivery Optimization) servers in China?

Andrej Gorochovik 0 Reputation points
2023-03-14T11:42:42.11+00:00

Hi, we had a report from our security provider that some of our computers started communicating with IPs in the PRC on destination port 7680, which is commonly used for Microsoft WUDO (Windows Update Delivery Optimization). They advised us to make sure it is not a security breach.

IPs are:

60.9.1.222

60.9.3.254

60.9.1.55

172.10.0.23

Did Microsoft recently enroll PRC-located servers into the global update list, or should we worry about a hacking attempt?


2 answers

  1. Limitless Technology 44,101 Reputation points
    2023-03-15T16:19:45.8366667+00:00

    Hello there,

    You can try closing the port and see whether Delivery Optimisation still works, to make sure this is created by the Windows service only.

    Delivery Optimization listens on port 7680 for requests from other peers by using TCP/IP. The service will register and open this port on the device. The port must be set to accept inbound traffic through your firewall. If you don't allow inbound traffic over port 7680, you can't use the peer-to-peer functionality of Delivery Optimization.

    Hope this resolves your query!

    --If the reply is helpful, please Upvote and Accept it as an answer--


  2. Narkis Engler 0 Reputation points Microsoft Employee
    2023-03-16T02:30:08.6166667+00:00

    Hi Andrej,

    It is possible the default configuration of Delivery Optimization's "Download Mode" is resulting in connection attempts from legit peers in a different region.

    Please take a look at the article here to learn more: https://learn.microsoft.com/en-us/windows/deployment/do/waas-delivery-optimization-reference#download-mode

    Regarding how Delivery Optimization verifies the content it pulls from peers, please take a look at the following: https://learn.microsoft.com/en-us/windows/deployment/do/delivery-optimization-workflow

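A host-side check that ties the two answers together, as an added example that is not part of the original thread or Microsoft's own tooling: it lists every TCP socket involving port 7680, shows whether the owning process is the one hosting the Delivery Optimization service (DoSvc), and reads the policy-configured Download Mode. It assumes an elevated PowerShell session on an affected Windows 10/11 machine; the variable names are illustrative.

```powershell
# Added example: triage of port 7680 traffic on one host (run elevated).
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization'
# Download Mode values as listed in the Delivery Optimization reference linked above
$ModeNames = @{ 0 = 'HTTP only'; 1 = 'LAN'; 2 = 'Group'; 3 = 'Internet'; 99 = 'Simple'; 100 = 'Bypass' }

# PID of the svchost.exe instance hosting Delivery Optimization (0 if the service is stopped)
$doSvc = Get-CimInstance -ClassName Win32_Service -Filter "Name='DoSvc'"
$doPid = [int]$doSvc.ProcessId

# Every TCP socket that uses 7680 as its local or remote port
$rows = @(
    Get-NetTCPConnection -ErrorAction SilentlyContinue |
    Where-Object { $_.LocalPort -eq 7680 -or $_.RemotePort -eq 7680 } |
    ForEach-Object {
        $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Direction    = if ($_.State -eq 'Listen') { 'listener' }
                           elseif ($_.LocalPort -eq 7680) { 'inbound' }
                           else { 'outbound' }
            Local        = "$($_.LocalAddress):$($_.LocalPort)"
            Remote       = "$($_.RemoteAddress):$($_.RemotePort)"
            State        = $_.State
            OwningPid    = $_.OwningProcess
            Process      = $proc.ProcessName
            OwnedByDoSvc = ($doPid -ne 0 -and $_.OwningProcess -eq $doPid)
        }
    }
)
$rows | Sort-Object Direction, Remote | Format-Table -AutoSize

# Sockets on 7680 that do not belong to the DoSvc host process need a closer look
$other = @($rows | Where-Object { -not $_.OwnedByDoSvc })
if ($other.Count -gt 0) {
    Write-Warning "$($other.Count) socket(s) on port 7680 are not owned by the DoSvc process (PID $doPid)."
}

# Download Mode set by policy; without a policy value the edition default applies
$policy = Get-ItemProperty -Path $PolicyKey -Name DODownloadMode -ErrorAction SilentlyContinue
if ($null -ne $policy) {
    $mode = [int]$policy.DODownloadMode
    "Policy Download Mode: $mode ($($ModeNames[$mode]))"
} else {
    'No DODownloadMode policy value found; the default for this Windows edition is in effect.'
}
```

Run it while the traffic is being observed, since short-lived peer connections only appear in the socket table while they are open.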