Kornerstone Technology Blog

Kornerstone Technology Inc. (KSTech) is a provider of technology and business solutions. We also have provided comprehensive support solutions for our customers since 2006.

How 2 Keystrokes Can Bypass the Security of Windows

How 2 Keystrokes Can Bypass the Security of Windows

Usually, when a troubleshooting feature is put in place, it is meant to assist the user in resolving an issue. However, one such feature in Windows 10 could ultimately lead to more problems, as it also can serve as a free-ride vulnerability for an opportunist bystander.

Security expert Sami Lailo discovered that if someone keys in Shift + F10 during a ‘Feature Update’ in Windows 10, they are able to access a Command Prompt window with Admin privileges. Compounding this with the fact that Microsoft updates disable BitLocker while they are in progress, means that someone could feasibly access the hard disk without the aid of any external device.

If that someone happened to be ill-intentioned, they could potentially wreak havoc through the command-line interface. Admittedly, the perpetrator would have to move quickly, but if they had come in with a plan and the foreknowledge of a Feature Update being implemented, they would have plenty of time to do what they had come to do.

Lailo reached out to Microsoft, and the company is now working to resolve this issue.

The current fix? Don’t leave an updating workstation unattended, despite the long periods of time updates can sometimes take.

Once Microsoft releases a patch, businesses and organizations will want to apply it. Keep in mind, any Kornerstone Technology Inc. clients on our managed services will have the update applied once it is tested. Give us a call at 818-206-6383 to learn more.

Tip of the Week: 6 Tips to Avoid Getting Scammed T...
The Case for Hosting Your Phone Solution In-House
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, November 24 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite