Monday, March 20, 2017

Windows 10 Will Download Some Updates Even Over a Metered Connection

URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Dt-8dDqsRoA/windows-10-will-download-some-updates-even-over-a-metered-connection

Reader AmiMoJo writes: Until now Windows 10 has allowed users to avoid downloading updates over metered (pay-per-byte) connections, to avoid racking up huge bills. Some users were setting their ethernet/wifi connections as metered in order to prevent Windows 10 from downloading and installing updates without their permission. In its latest preview version of the OS, Microsoft is now forcing some updates necessary for "smooth operation" to download even on these connections. As well as irritating users who want to control when updates download and install, users of expensive pay-per-byte connections could face massive bills.


Saturday, March 18, 2017

Windows 10 UAC Bypass Uses Backup and Restore Utility

URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/6zqSvclL1JI/windows-10-uac-bypass-uses-backup-and-restore-utility

An anonymous reader writes: "A new User Access Control (UAC) bypass technique relies on altering Windows registry app paths and using the Backup and Restore utility to load malicious code without any security warning," reports BleepingComputer. The technique works when an attacker launches the Backup and Restore utility, which loads its control panel settings page. Because the utility doesn't know where this settings page is located, it queries the Windows Registry. The problem is that low-privileged users can modify Windows Registry values and point to malware. Because the Backup and Restore utility is a trusted application, UAC prompts are suppressed. This technique only works in Windows 10 (not earlier OS versions) and was tested with Windows 10 build 15031. A proof-of-concept script is available on GitHub. The same researcher had previously found two other UAC bypass techniques, one that abuses the Windows Event Viewer, and one that relies on the Windows 10 Disk Cleanup utility.


Tuesday, March 7, 2017

Friday, February 3, 2017

Windows DRM-Protected Files Used To Decloak Tor Browser Users

URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/nIC3Uqa_YvI/windows-drm-protected-files-used-to-decloak-tor-browser-users

An anonymous reader writes from a report via BleepingComputer: Downloading and trying to open Windows DRM-protected multimedia files can deanonymize Tor Browser users and reveal their real IP addresses, security researchers from Hacker House have warned. On Windows, multimedia files encoded with a special Microsoft SDK will automatically open an IE window and access a URL to check the file's license. Since this request is sent outside of the Tor Browser and without user interaction, this can be used to ping law enforcement servers and detect the user's real IP address and other details. For example, law enforcement could host properly signed DRM-protected files on sites pretending to host child pornography. When a user would try to view the file, the DRM multimedia file would use Internet Explorer to ping a server belonging to the law enforcement agency. The same tactic can also be used to target ISIS militants trying to view propaganda videos, illegal drug and weapons buyers trying to view video product demos, political dissidents viewing news videos, and more. A video of the attack is available here.


Wednesday, February 1, 2017

Windows 10 is not Free – Privacy Issues

URL: https://www.deepdotweb.com/2017/02/02/windows-10-not-free-privacy-issues/


Did you know that Microsoft records your voice, camera and every keystroke on Windows 10? Of course, it’s all in the Terms of Agreement.

Tuesday, November 29, 2016

Holding Shift + F10 During Windows 10 Updates Opens Root CLI, Bypasses BitLocker

URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/-ScjETtY1S8/holding-shift--f10-during-windows-10-updates-opens-root-cli-bypasses-bitlocker

An anonymous reader quotes a report from BleepingComputer: Windows security expert and infrastructure trainer Sami Laiho says that by holding SHIFT + F10 while a Windows 10 computer is installing a new OS build, an attacker can open a command-line interface with SYSTEM privileges. This CLI debugging interface also grants the attacker full access to the computer's hard drive data, despite the presence of BitLocker. The CLI debugging interface is present when updating to new Windows 10 and Windows 10 Insiders builds. The most obvious exploitation scenario is when a user leaves his computer unattended during the update procedure. A malicious insider can open the CLI debugger and perform malicious operations under a root user, despite BitLocker's presence. But there are other scenarios where Laiho's SHIFT + F10 trick can come in handy. For example, when police have seized computers from users who deployed BitLocker or when someone steals your laptop. Windows 10 defaults help police/thieves in this case because these defaults forcibly update computers, even if the user hasn't logged on for weeks or months. This CLI debugging interface grants the attacker full access to the computer's hard drive, despite the presence of BitLocker. The reason is that during the Windows 10 update procedure, the OS disables BitLocker while the Windows PE (Preinstallation Environment) installs a new image of the main Windows 10 operating system. "This [update procedure] has a feature for troubleshooting that allows you to press SHIFT + F10 to get a Command Prompt," Laiho writes on his blog. "The real issue here is the Elevation of Privilege that takes a non-admin to SYSTEM (the root of Windows) even on a BitLocker (Microsoft's hard disk encryption) protected machine." Laiho informed Microsoft of the issue and the company is apparently working on a fix.
