Aside from the privacy issues, granting government agencies with access provides security holes for attackers to take advantage of, the MIT report argues.
The company said that it is being done to provide customers with control over which updates to install.
Microsoft argues that the problem would not be addressed due to the difficulty of exploiting the hole and the small possible target size of the vulnerability.
The FBI is investigating whether St. Louis Cardinals officials breached a private database of the Houston Astros.
Plus, Microsoft turns on HTTP Strict Transport Security for Internet Explorer 11.
A reported 53 issues were found in D-Link products and 22 in SOHO routers.
That's a jump of 23 percent since 2013.
The GNU creator argues that today's major platforms don't do enough to protect user privacy and freedom rights.
This month's security update also includes "critical" bulletins for Windows, Office and .NET Framework.
Ignite event profiles new security tools and patch approaches.
Users will be warned if an ad may be fraudulent or misleading.
Unveiled at this year's RSA security convention, Customer Lockbox will force any data access by Microsoft to be approved by customers.
This month's Security Update includes a fix for a 0-day issue in Microsoft Office.
Researchers at IBM have discovered an active attack campaign using a variation of the Dyre Trojan that has already stolen millions from organizations.
The company has warned that the bogus Internet certs could be used in man-in-the-middle attacks.