Hacked Windows 10 S that was "invulnerable to ransomware"

Είναι απόλυτα ασφαλές; Ο ισχυρισμός της Microsoft ότι “κανένα γνωστό ” μπορεί να τρέξει στο λειτουργικό της σύστημα Windows 10 S φαίνεται ότι δεν ευσταθεί.

In a Friday publication by ZDNet, Hacker House security researcher Matthew Hickey said he managed to break the operating system's security in just over three hours.

Hickey was able to achieve remote management control and disable various security settings, leaving the system open for malware attacks.

Hackey started with an old technique known as DLL injection, where malicious code is executed through a process that system operations consider is not threatening. Windows 10 S

In this particular case, it was done with a Word document that contained the embedded macros needed for the hacker to bypass the restrictions on Windows 10 S that are designed not to use apps that aren't in the Microsoft Store.

After bypassing Word protection by downloading the document from a network share – instead of some link or attachment from mail – Hickey could run some malicious code with admin privileges.

Using the Metasploit Penetration Testing Software, Hickey managed to obtain the highest possible level of access, with system privileges, and repeated the DLL injection to acquire remote control of the machine.

After all this, as you understand, Hickey could install not just some ransomware but malware he wanted.
The computer, was one of Microsoft's new Surface Laptop, and was totally vulnerable.

Microsoft, meanwhile, has denied ZDNet's claim that its own test has proven that Windows 10 S is not vulnerable to ransomware attacks.

"In early June we stated that Windows 10 S is not vulnerable to any known ransomware," said a spokesperson for s.

And he wrote:

“We recognize that new attacks and malware are emerging all the time, so we are committed to monitoring the threat landscape and working with those responsible to ensure that Windows 10 continues to provide the most secure experience for our customers.”

Clearly, based on Hickey's test, Microsoft's claim does not seem to be right. While Windows 10 S may be less vulnerable to such attacks because of only strictly tested software will run that has been approved by Microsoft, there are still ways that can infect computers running this operating system.

Microsoft implying that its operating system is immune to all "known ransomware" was not so wise. Strong security claims invite it .

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).