'Secure' Windows 10 S Hacked Wide Open in 3 Hours
Windows 10 S is locked down to the point where you can't use any apps outside of the Windows Store. Microsoft touts its security and claims it isn't affected by any "known ransomware."
But our friends at ZDNet hired someone to try to crack it, and he succeeded in just three hours.
Their hacker, Matthew Hickey, security researcher and co-founder of cybersecurity firm Hacker House, exploited Microsoft Word macros to run a DLL injection attack. Because macros aren't run by default on documents downloaded from the web, he used a source Windows 10 S trusts: the local network.
At that point, he was able to run a program to gain system-level privileges (the highest level of access) and also run processes from the system level. He also connected the computer to his own server, meaning that he had remote access to do whatever he pleased.
"From here we can start turning things on and off -- antimalware, firewalls, and override sensitive Windows files," Hickey told ZDNet. "If I wanted to install ransomware, that could be loaded on," he said. "It's game over." The computer would have no way to defend itself. Hickey could've done anything he wanted to on the machine.
MORE: Windows 10 S Locks You Into Edge and Bing, Out of Key Apps
Hickey did not install ransomware on the system, but he was able to provide proof of his system level access, including a plaintext Wi-Fi password.
Stay in the know with Laptop Mag
Get our in-depth reviews, helpful tips, great deals, and the biggest news stories delivered to your inbox.
When ZDNet contacted Microsoft about the exploit, it provided the following statement:
"In early June, we stated that Windows 10 S was not vulnerable to any known ransomware, and based on the information we received from ZDNet that statement holds true. We recognize that new attacks and malware emerge continually, which is why [we] are committed to monitoring the threat landscape and working with responsible researchers to ensure that Windows 10 continues to provide the most secure experience possible for our customers."
Windows 10 S currently ships with Microsoft's flagship notebook, the Surface Laptop, as well as laptops from a series of partners like Lenovo and Acer.
Even if the current ransomware doesn't work, ZDNet and Hickey proved one dangerous point -- it's still possible to install it on Windows 10 S machines, and it's very possible to take a machine running the operating system over.
For more information, screenshots of the attack and full technical details, check out the original story over on ZDNet.
Windows 10 Security and Networking
- Use the Windows 10 Parental Controls
- Find Your MAC Address
- Turn Your Windows PC into a Wi-Fi Hotspot
- Password Protect a Folder
- Create a Guest Account in Windows 10
- Enable Windows Hello Fingerprint Login
- Set Up Windows Hello Facial Recognition
- How to Restrict Cortana's Ever-Present Listening in Windows 10
- Automatically Lock Your PC with Dynamic Lock
- Blacklist Non-Windows Store Apps
- Find Saved Wi-Fi Passwords
- Set Up a Metered Internet Connection
- Use Find My Device
- Stream XBox One Games
- All Windows 10 Tips
- Map a Network Drive
- Create Limited User Accounts
- Set Time Limits for Kids
- Pin People to Your Taskbar