I’ve made no bones about my skepticism about Windows 10 S. It seems to fall into the uncanny valley between a locked down mobile OS versus the full power and vulnerability of regular old Windows. But Microsoft thinks the benefits to performance and security outweigh the loss of its enormous legacy software ecosystem.
Performance may be a boon for the stripped down OS, but security is a lot harder to guarantee. Zack Whittaker decided to test one of Microsoft’s claims that “no known ransomware” will run on Windows 10 S.
In the end, the OS didn’t prove to be as impervious as Microsoft claims. Security researchers using a borderline ironic attack vector were able to get access to a shell with administrator privileges.
It wasn’t an easy exploit, or one that would be simple to automate in the wild, but the end result is that ransomware can get on Windows 10 S. There’s a lot more to the exploit, so make sure to checkout the ZDNet article.
Zack Whittaker writes:
Last week on its debut day, we got our hands on a brand new Surface Laptop, the first device of its kind to run Windows 10 S. We booted it up , went through the setup process, created an offline account, and installed a slew of outstanding security patches — like any other ordinary user would (hopefully) do.
And that’s when we asked Matthew Hickey, a security researcher and co-founder of cybersecurity firm Hacker House, a simple enough question: Will ransomware install on this operating system?
- Where AR We? - February 19, 2018
- Flexible Scaleout, Tom Lyon, and Reveal(x) in Gestalt News 18.8 - February 19, 2018
- In Defense of Facebook’s “Protect” - February 15, 2018
- Tom Lyon – IT Origins - February 15, 2018
- Do You Want to Build a Cloud? Gestalt IT Rundown: February 14, 2018 - February 14, 2018
- AI and Machines That Think They Can Think - February 14, 2018
- Docker for Home Automation - February 13, 2018
- The Cheapest PC Is Now More Expensive and Worse - February 13, 2018
- What’s Next for Infrastructure in a Post-Meltdown Reality? - February 13, 2018
- The IT Differentiation Dilemma – The On-Premise IT Roundtable - February 13, 2018