Microsoft's new Windows 11 has many possibilities for better safety, όπως τα Trusted Platform Module (TPM 2.0), Virtualization -based Security (VBS) και πολλά άλλα. Αν και υπήρχαν σαν προτάσεις στα Windows 10, δεν εφαρμόστηκαν ποτέ σε αντίθεση με τα Windows 11.
To demonstrate how important the new features are, the company has unveiled a video starring Weston, which shows how potential hackers could gain access to such vulnerable machines that do not have these features.
The video below shows how the hacker μπορούν να αποκτήσουν τον έλεγχο μιας ευάλωτης συσκευής από απόσταση ή τοπικά για να μολύνουν το σύστημα με κακόβουλο φορτίο όπως ransomware ή να κλέψουν δεδομένα ελέγχου ID cardof the user.
The first part of the video shows the successful exploitation of a vulnerable open remote port (RDP) for administrator access and ransomware distribution on a Windows 10 system that did not have TPM 2.0 and Secure Boot enabled.
After that, Weston shows off a vulnerability which is exploited locally through the fingerprint authentication process on a non-VBS computer. PCILeech was used to access the vulnerable system's memory and modify the biometric authentication code.
Watch the video
