Hacked Windows 10 S that was "invulnerable to ransomware"

Windows 10 S Is it completely secure? Microsoft's claim that "no known ransomware" can run on its Windows 10 S operating system does not seem to be true.

In a Friday publication by ZDNet, Hacker House security researcher Mr. Matthew Hickey reported that he managed to operating system security in just over three hours.

Hickey was able to achieve remote management control and disable various security settings, leaving the system open for malware attacks.

Hackey started with an old technique known as DLL , where malicious code is executed through a process that the functions of the systems consider to be non-threatening. Windows 10 S

In this particular case, it was done with a word document that contained the embedded macros which was needed for the hacker to bypass the restrictions in Windows 10 S operating system that are designed not to use apps that are not in the Microsoft Store.

After avoiding Word protection by downloading the document from a network share - instead of a link or e-mail attachment - Hickey could execute some malicious code with administrator privileges.

Using the Metasploit Penetration Testing Software, Hickey managed to obtain the highest possible level of access, with system privileges, and repeated the DLL injection to acquire remote control of the machine.

After all this, as you understand, Hickey could install not just some ransomware but malware he wanted.
The computer, was one of Microsoft's new Surface Laptop, and was totally vulnerable.

Microsoft, meanwhile, has denied ZDNet's claim that its own test has proven that Windows 10 S is not vulnerable to ransomware attacks.

"In early June, we announced that Windows 10 S was not vulnerable to any known ransomware," said a company spokesman.

And he wrote:

"We recognize that new attacks and malware appear all the time, so we're committed to monitoring the threat landscape and working with responsible researchers to ensure that Windows 10 continues to offer the most experience to our customers.”

Clearly, based on Hickey's test, Microsoft's claim does not seem to be right. While Windows 10 S may be less vulnerable to such attacks because of only strictly tested software will run that has been approved by Microsoft, there are still ways that can infect computers running this operating system.

Impressing Microsoft that its operating system is invulnerable to all "known ransomware" was not so wise. Strong claims of security invite the challenge.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).