Security | 29.11.2016

Major Windows 10 upgrade security risk


Microsoft MVP, speaker, and trainer Sami Laiho has discovered a bug in Windows 10 – one that predominantly affects Insider Builds – which could give an attacker privileged access to a system.

Laiho wrote that, during a Feature Update, it is possible to press SHIFT+F10 to bring up a Command Prompt.

This behaviour has been around since Windows 7, but the problem is that Microsoft suspends its BitLocker encryption service during the upgrade – giving anyone at the keyboard access to the hard disk.

The result is an elevation of privilege: a non-administrative user can obtain SYSTEM-level access, even on a BitLocker-protected machine.

Laiho said this exploit becomes available under the following conditions:

  • Upgrading from Windows 10 RTM to the November Update (1511) or Anniversary Update (1607).
  • Upgrading from any build to a newer Insider Build, tested up to end of October 2016.

Laiho offered the following attack scenarios:

  • An internal threat who wants admin access just has to wait for the next upgrade, or convince someone that he should be a Windows Insider.
  • An external threat with access to the computer waits for it to start an upgrade to get into the system.

For enterprises, System Center Configuration Manager can block this. For unmanaged networks, Laiho offered the following advice:

  • Don’t allow unattended upgrades.
  • Keep very tight watch on Windows Insiders.
  • Controversially: stick to the Long Term Servicing Branch version of Windows 10 for now.
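As an added example (not code from the article or from Laiho), the PowerShell script below audits the settings behind that advice on a single Windows 10 machine: whether Insider builds are permitted or the machine is enrolled, whether Feature Updates are deferred, whether Automatic Updates can install with nobody at the console, the BitLocker state of the system drive, and whether the edition is an LTSB one. The two policy registry paths are the documented Group Policy mappings; the WindowsSelfHost\Applicability location and the EnterpriseS EditionID pattern are assumptions about how current builds record Insider enrolment and LTSB editions.

```powershell
# Added example, not from the article or from Sami Laiho: audit the Windows 10 settings
# that decide how exposed a machine is to the upgrade-time SHIFT+F10 problem, and
# optionally apply the two policy values that keep unattended Feature Updates away.
# Read-only by default; run with -Harden from an elevated prompt to write the policy values.

[CmdletBinding()]
param([switch]$Harden)

$PolicyWU   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'   # documented policy path
$PolicyPrev = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PreviewBuilds'   # documented policy path
$SelfHost   = 'HKLM:\SOFTWARE\Microsoft\WindowsSelfHost\Applicability'    # assumption: Insider enrolment state

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent instead of throwing.
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name } catch { $null }
}

function Test-UpgradeExposure {
    $findings = New-Object System.Collections.Generic.List[string]

    # 1. Insider enrolment: Insider machines receive Feature Updates frequently,
    #    which is exactly the window the article describes.
    if ((Get-RegValue $PolicyPrev 'AllowBuildPreview') -ne 0) {
        $findings.Add('Insider builds are not blocked by policy (AllowBuildPreview is not 0).')
    }
    if ((Get-RegValue $SelfHost 'EnablePreviewBuilds') -eq 1) {
        $findings.Add('Machine appears to be enrolled in the Windows Insider Program.')
    }

    # 2. Feature Update deferral: a deferred upgrade does not start on Microsoft's schedule.
    if ((Get-RegValue $PolicyWU 'DeferFeatureUpdates') -ne 1) {
        $findings.Add('Feature Updates are not deferred (DeferFeatureUpdates is not 1).')
    }

    # 3. Unattended installation: AUOptions 4 downloads and installs on a schedule
    #    with nobody at the console; 2 and 3 stop for a notification first.
    $au = Get-RegValue "$PolicyWU\AU" 'AUOptions'
    if ($null -eq $au -or $au -eq 4) {
        $findings.Add('Automatic Updates can install without an operator present (AUOptions unset or 4).')
    }

    # 4. BitLocker state of the OS volume. The article's point is that protection is
    #    suspended during the upgrade, so record whether it is normally on at all.
    $blStatus = 'Unknown (BitLocker module unavailable)'
    try {
        $bl = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
        $blStatus = "$($bl.ProtectionStatus)"
    } catch { }

    # 5. Edition: LTSB editions report an EditionID of EnterpriseS / EnterpriseSN (assumption).
    $edition = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' 'EditionID'

    [pscustomobject]@{
        Computer       = $env:COMPUTERNAME
        EditionID      = $edition
        IsLTSB         = ($edition -like 'EnterpriseS*')
        BitLockerOSVol = $blStatus
        Findings       = $findings.ToArray()
    }
}

function Set-UpgradePolicy {
    # Writes the two policy values that address the first two pieces of advice.
    # On a managed network these should come from Group Policy or SCCM instead.
    foreach ($path in $PolicyWU, $PolicyPrev) {
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    }
    Set-ItemProperty -Path $PolicyPrev -Name 'AllowBuildPreview'   -Value 0 -Type DWord
    Set-ItemProperty -Path $PolicyWU   -Name 'DeferFeatureUpdates' -Value 1 -Type DWord
}

$report = Test-UpgradeExposure
$report | Format-List
if ($Harden) {
    Set-UpgradePolicy
    Write-Host 'Policy values written; re-run without -Harden to verify.'
}
```

Reading HKLM needs no elevation, so the audit can run from an ordinary session; only `-Harden` writes to the policy hive and therefore needs an elevated prompt. Deferring Feature Updates and blocking Insider builds narrows the window in which an upgrade can run unattended; it does not change what happens once an upgrade is in progress, which is why the advice above also stresses keeping upgrades attended.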

Laiho published a video of the attack on his website.
