MS-DO

Microsoft Delivery Optimization (MS-DO) is a peer-to-peer client update service that uses local and internet-connected devices to deliver Windows updates and apps. It helps in reducing bandwidth consumption by sharing the download burden across multiple devices. This service is particularly useful in environments with limited internet bandwidth.

What is MS-DO

Microsoft Delivery Optimization (MS-DO) is a feature in Windows that aims to optimize the delivery of updates and applications. It leverages peer-to-peer technology to share the download burden across multiple devices, both within a local network and over the internet. This can significantly reduce the bandwidth consumption for downloading large updates and applications, making it particularly beneficial in environments with limited internet bandwidth.

MS-DO works by breaking down updates and apps into smaller chunks and distributing these chunks across multiple devices. Each device downloads a portion of the update or app and then shares it with other devices. This distributed approach not only speeds up the download process but also ensures that the network bandwidth is used more efficiently.

Microsoft introduced Delivery Optimization with Windows 10, and it has since become an integral part of the Windows Update process. The service is designed to be secure, with encryption and authentication mechanisms in place to ensure that only legitimate updates and apps are downloaded and shared. However, like any service that involves network communication, it is important to monitor and manage its usage to prevent potential security risks.

MS-DO runs on TCP and UDP port 7680 and is official IANA port.

Security risk

If port 7680 is open and the MS-DO service is running, there is a potential risk of unauthorized access or data interception. While the service uses encryption and authentication, it is still important to ensure that the network is secure and that only trusted devices are allowed to participate in the peer-to-peer network. Additionally, excessive use of this service could lead to bandwidth saturation, impacting other critical network operations.

In our UFW tutorial you can follow instructions how you can configure UFW to close port 7680. Use StackChanges to monitor if the MS-DO port is closed and stays closed. StackChanges will send an alert if port 7680 is open again.