Anecdotally, my company has a device driver posted on Windows Update. I inherited the project and was digging through Microsoft’s hardware dashboard trying to find information on the stability of the driver. I ended up finding that our driver was crashing rather frequently. Looking closer, the name of the driver shown was curious as it contained the name of our driver as defined in the inf file, and appended at the end was “(WeTest)”. I looked through all source code looking for a reference to this string with no avail. Eventually I googled “WeTest” and find out WeTest is something owned by Tencent. I double checked all drivers that were ever posted to the server from our account and found no reference to “WeTest” in any of the driver packages uploaded. I emailed our Microsoft contact and got no answers as to where this driver came from and why it was visible from our account. After a few months, this driver finally was removed from our dashboard and our administrator for the account had to submit government documents to Microsoft to show he worked at where he said he did. I won’t give specifics on who’s or what’s, and anyone is more than welcome to dismiss what I’m saying without evidence. But your comment, “when Microsoft’s update servers get compromised..”, made me want to share this experience. Maybe it was some terrible software bug on Microsoft’s end that managed to combine information from two different entities, but we were never given an explanation as to how this happened.

You're sure that you have a complete log of all the drivers that were ever uploaded?

[dead]