About Us | Contact Us
View Cart

Windows 10 Exploit Could Let Malware In

By Vigilize | Wednesday, August 3, 2016 - Leave a Comment

An article review.


The User Account Control bug allowed for malicious code to run with the highest privileges


ServIcons_ITAudit_01

While Windows 10 promises to be the most secure version of the operating system yet, it’s not entirely free from bugs as security researchers pointed out recently.

The new exploit targets the Disk Cleanup and Silent Cleanup functions of the operating system, both of which are granted administrator-level access by Windows’ User Account Control function. In a worst case scenario, malicious code could be inserted into the programs, which would then run at the highest privilege levels on the target system.

While the researchers offer a solution, it involves altering internal Windows settings and can cause other problems with regular operation, leading them to conclude Microsoft should change the privilege level of the applications involved instead. For their part Microsoft is not treating this as a security bug, claiming that User Account Control is not a security measure.


Original article by Henry T. Casey writing for Laptop Magazine.


same_strip_012513


 

Latest News
    The One Test… …Is there a Test that Covers 9/11’s of the Battle? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Twenty years ago two geek-friends and I debated the following question:  “Is there an Audit Test that covers 9/11’s of the battle?” This […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS NEW EMPLOYEE FOR INFOTEX infotex has just hired Tanvee Dhir, to be a new Data Security Analyst. “Tanvee is an outstanding addition to the team, bringing a new skillset we are eager to utilize.” says Chad Smith, NOC Manager of infotex. “I am really excited to be […]
    While we’re not a news service, we often use current events to comment on trends and our services. This blog is intended to get people thinking about topics and trends in Technology Risk Management, through our article reviews, as well as through original blog articles about current events and our MSSP services (such as our […]
    Seven Trends . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article about the seven trends in technology that will impact the Information Security Officers of […]
    Top Seven Risks . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Once again, I compile this list in preparation for updating our normal board of directors awareness training PowerPoints and movies and such. […]