Bevlin Blog

Bevlin has been serving the Boston area since 2006, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How 2 Keystrokes Can Bypass the Security of Windows

Usually, when a troubleshooting feature is put in place, it is meant to assist the user in resolving an issue. However, one such feature in Windows 10 could ultimately lead to more problems, as it also can serve as a free-ride vulnerability for an opportunist bystander.

Security expert Sami Lailo discovered that if someone keys in Shift + F10 during a ‘Feature Update’ in Windows 10, they are able to access a Command Prompt window with Admin privileges. Compounding this with the fact that Microsoft updates disable BitLocker while they are in progress, means that someone could feasibly access the hard disk without the aid of any external device.

If that someone happened to be ill-intentioned, they could potentially wreak havoc through the command-line interface. Admittedly, the perpetrator would have to move quickly, but if they had come in with a plan and the foreknowledge of a Feature Update being implemented, they would have plenty of time to do what they had come to do.

Lailo reached out to Microsoft, and the company is now working to resolve this issue.

The current fix? Don’t leave an updating workstation unattended, despite the long periods of time updates can sometimes take.

Once Microsoft releases a patch, businesses and organizations will want to apply it. Keep in mind, any Bevlin clients on our managed services will have the update applied once it is tested. Give us a call at 781-679-0172 to learn more.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 07 November 2024
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

Qr Code

Blog Archive

Upcoming Events

No events