Hacked Windows 10 S that was "invulnerable to ransomware"


Windows 10 S Is it completely secure? Microsoft's claim that "no known ransomware" can run on its Windows 10 S operating system does not seem to be true.

In a Friday publication by ZDNet, Hacker House security researcher Matthew Hickey said he managed to break the operating system's security in just over three hours.

Hickey was able to achieve remote management control and disable various security settings, leaving the system open for malware attacks.

Hackey started with an old technique known as DLL injection, where malicious code is executed through a process that system operations consider is not threatening. Windows 10 S

In this case, the violation occurred with a Word document containing the built-in macros that was needed to bypass the hacker's restrictions on Windows 10 S that are designed not to use applications that do not exist in the Microsoft Store.

After avoiding Word protection by downloading the document from a network share - instead of a link or e-mail attachment - Hickey could execute some malicious code with administrator privileges.

Using the Metasploit Penetration Testing Software, Hickey managed to obtain the highest possible level of access, with system privileges, and repeated the DLL injection to acquire remote control of the machine.

After all this, as you understand, Hickey could install not just some ransomware but malware he wanted.
The computer, was one of Microsoft's new Surface Laptop, and was totally vulnerable.

Microsoft, meanwhile, has denied ZDNet's claim that its own test has proven that Windows 10 S is not vulnerable to ransomware attacks.

"In early June, we announced that Windows 10 S was not vulnerable to any known ransomware," said a company spokesman.

And he wrote:

"We recognize that new attacks and malware are constantly emerging, so we are committed to monitoring the threat landscape and working with responsible investigators to ensure that Windows 10 continues to provide the most secure experience for our customers."

Clearly, based on Hickey's test, Microsoft's claim does not seem to be right. While Windows 10 S may be less vulnerable to such attacks because of only strictly tested software will run that has been approved by Microsoft, there are still ways that can infect computers running this operating system.

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.

Impressing Microsoft that its operating system is invulnerable to all "known ransomware" was not so wise. Strong claims of security invite the challenge.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news