Notebookcheck

Windows 10 S can be infected with malware

Image source: Microsoft
Image source: Microsoft
While Microsoft has claimed that Windows 10 S is not vulnerable to any currently known malware, a clever cybersecurity professional has found an exploit in Microsoft Word that can run malicious code in the operating system.

Working For Notebookcheck

Are you a loyal reader of notebookcheck? Are you a techie who knows how to write? Then join our Team!

Especially wanted: 
English-Swedish-Translator - 
Details here
Review Editor - 
Details here
News Editor - Details here

 

 

 

 

 

 

Microsoft’s newest iteration of Windows, Windows 10 S, has been advertised as one of the safest and most secure versions of the world’s most popular operating system. Since the OS is highly restrictive in nature and it can only run software installed from the Windows Store, Microsoft has put quite a few checks into the system to keep malware and hackers out. Unfortunately, they didn’t plan on Matthew Hickey.

ZDNet reports that they asked Hickey, who is a co-founder of cybersecurity firm Hacker House, to take their new Surface Laptop and try to install malware on it. The Surface Laptop is being positioned as a notebook for students, as it natively runs Windows 10 S. ZDNet’s particular device also had the latest security patches from Microsoft installed on it earlier in the day. However, it took Hickey only about 3 hours to bypass the notebook’s security and get malicious code running.

Despite the absence of tools like the Command Prompt and PowerShell scripting (which can grant access to the underpinnings of standard Windows), Hickey was able to find an exploit in Microsoft Word. By writing specific macros into a Word document and opening the file with administrative privileges (which are set to the default user profile), Hickey carried out a “reflective DLL injection attack,” which allowed him to bypass the machine’s security and directly affect the libraries at the root of the operating system itself.

Normally, to open a Word document that executes macros, “Protected View” must be disabled. In Windows 10 S, this setting is turned on by default. Hickey downloaded the malicious Word document via a network share, which Windows considers a trusted source, and selected the option to enable macros. As such, it may not be hard for future hackers to socially engineer Windows 10 S users into downloading malicious files from a trusted source and choosing to run macros. Despite Microsoft’s claim that their new OS is “not vulnerable to any known ransomware,” it seems that where there’s a will, there’s a way.

Source(s)

static version load dynamic
Loading Comments
Comment this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2017 06 > Windows 10 S can be infected with malware
Sam Medley, 2017-06-24 (Update: 2017-06-24)
Sam Medley
Sam Medley - Review Editor - @samuel_medley
I've been a "tech-head" my entire life. After graduating college with a degree in Mathematics, I worked in finance and banking a few years before taking a job as a Systems Analyst for my local school district. I started working with Notebookcheck in October of 2016 and have enjoyed writing news articles and notebook reviews. My areas of interest include the business side of technology, retro gaming, Linux, and innovative gadgets. When I'm not hunched over an electronic device or writing code for a new database, I'm either outside with my family, playing a decade-old video game, or sitting behind a drum set.