Security Firm VUPEN Claims To Have Hacked Windows 8 and IE10
An anonymous reader writes "Windows 8 was released late last week, and already this week French security firm VUPEN says it has broken Microsoft's latest and greatest security features. The company claims it has developed a 0-day exploit for Windows 8 and IE10, by chaining multiple undisclosed flaws together."
I thought that little used operating systems were less vulnerable because fewer hackers would target them compared to popular, mass market operating systems such as Linux and MacOS.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
On the bright side, your typical hacker won’t be able to figure this one out either: Windows 8 raises the security bar even higher than before, and if it was easy, someone would have beaten VUPEN to it long ago.
And who thinks that other hackers won't figure this out?
More precisely, who says the other hackers would disclose it if they found such vulnerabilities? There's plenty of profit to be earned in vulnerabilities in the black market.
I wonder if their hack could be used on Windows RT to gain low-level access to the system, allowing one to essentially jailbreak the thing and let one side-load apps on it. I'm not planning to buy a Windows RT tablet, and one of the reasons is exactly the fact that I am only allowed to install stuff from Windows Store; a fully-working jailbreak would at least make the thing slightly more useful.
Why buy a closed device, when open devices like Google's Chromebook are available cheaper and aren't locked? Excusing manufacturers for their abusive behaviour... and giving them money never persuaded any manufacturer to be more open.
I tried that. But it did not hack the computer I was trying to hack. And now my computer is not working either.
1. They bought Windows 8. 2. They Installed Windows 8. 3. They connected Windows 8 to the internet. 4. They surfed goatse with IE10.
Windows RT is going to be hell; it's hard to find accurate, reliable information about anything. From Wikipedia (http://en.wikipedia.org/wiki/Windows_RT), it claims:
"Perhaps the biggest change is that Windows RT will only run applications that have been included in Microsoft's App store. This requires certification by Microsoft that they consider the application to be suitable."
and obviously
"Users will not have an option to disable UEFI secure boot on Windows RT systems. As a result, only operating systems that have been signed for secure boot by their developers can be installed"
To back up what I just said: http://msdn.microsoft.com/en-us/library/windows/hardware/hh825613.aspx
[August 2012] Sideloading apps on Windows 8
Sideloading is supported on the following editions when you activate a sideloading product key:
Windows 8 Pro
Windows 8 Enterprise*
* The sideloading product key is not required with Windows 8 Enterprise when the computer is joined to an active directory domain.
Note: Sideloading is also supported on Windows RT. The group policy service is not enabled by default on Windows RT. You must enable the service before policies can be applied to the computer.
To sideload line-of-business apps on Windows Server 2012, the computer must be joined to an active directory domain.
For more information, see How to Add and Remove Apps.
In other words a side-loading key is needed. Ordinary users won't get that and won't be able to side-load.
It's sad to see that MS has dominated the market for so long that exploits seem acceptable and it's insightful to claim this. Software should be well-written before you start charging for it. Period.
OpenBSD has only had 2 remote security holes in several dozen releases, in over 15 years. Why is it acceptable that something you pay for has had thousands more every release?
I'm sorry to disagree with you. Clearly you have an issue with Google. It is untrue that they sell your information. Their business model does not allow that. The whole point is they will *never* sell your information...they sell targeted AD space. They are advertisers just like Apple and Microsoft.
On the point of privacy. Clearly you have not installed Windows 8. Its defaults are appalling, and you're being insincere in implying Microsoft is better.
The bottom line though is I personally would like a device where I can choose to install whatever OS. The reason being I personally quite like the look of the oversized trackpad on Chromebook, and the ability to install Debian, and it being Good Value, all three features lacking on Windows RT devices.
Well, it's more than 01, less than 11, and still only a 2-bit binary integer.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Exchanging your control of the device for having every piece of information scanned, categorized, and resold by Google would be reason enough for someone to buy a Win RT tablet.
So Microsoft has stated they will guarantee full privacy of your info that is stored in SkyDrive?
If you're going to pull the "grass isn't always greener" argument, then Microsoft still loses, as their device is more expensive, with everything else (their treatment of your data) the same.
Actually, getting a sideloading key is dead easy. You have to run Powershell as Admin, then type Show-WindowsDeveloperLicenseRegistration (or just "show-wi" and hit Tab). Enter Windows Live credentials - anything, including a throw-away account created for the purpose, will work - and boom, you are unlocked for sideloading. Works on Windows 8 (Pro, Enterprise, or otherwise) and on Windows RT (tested it on a Surface).
http://msdn.microsoft.com/en-us/library/windows/apps/Hh974578.aspx
I don't know what's up with that old data that says you can't. That's been bouncing around for almost a year, and as far as I can tell it was *never* true, even on pre-release versions. You've been able to unlock Win8 for sideloading since the first preview builds came out! It's as though there's two completely different teams talking about this. Well, three (the one that says *only* Store apps are allowed) but the last one is the marketing team trying to keep the n00bs from getting confused; they are safely ignorable. Fortunately, the team that supports the more open approach is the one that is correct.
There's no place I could be, since I've found Serenity...
Yes, you can go through a ridiculously complex process to install a key that will expire and Microsoft can revoke so that you can run some software on your system. It's more akin to Apple's extreme restrictions on side loading than Android's 3rd party sources checkbox. The only difference is that Microsoft isn't charging you $99 to get one. You're still at Microsoft's mercy, and no one can use your application unless they too are capable of repeating the steps.
I don't know why people keep defending this. It's designed explicitly to inhibit people from using it and bypassing the store.
Well - that was the main complaint about Linux.
And now, using Windows, it is suddenly a no-brainer?
Wow... just wow!
With Microsoft you have worse privacy than with Google. They collect at least the same amount of information, and because everything is closed you never know what else they transmit and collect.
It took me nearly a day to get an "Active Directory Users and Computers" icon on my Windows 8 Pro VM.
- First I have to download RSAT.
- It errors with random hex-code when run.
- Much googling (and no help in the MS KB) later, I find out it doesn't like being on a mapped shared drive (which is what VMware uses for its shared drive with the host).
- Copy to C:\, run it.
- It installs without error, but nothing happens after (nothing in Windows Features related to remote admin tools, no new icons).
- Much googling (and no help in the MS KB) later, it turns out I don't have the en_US language installed and it won't work without it (despite the computer being en_GB!) but will just die silently.
- Go to install language, get empty language lists.
- Think they must be on the CD, so point it at the original CD image. Nope. Nothing useful.
- Much googling (and no help in the MS KB) later, it turns out that because I'd disabled Windows Search, it totally stops the list of languages populating.
- Enabled Windows Search.
- Installed language.
- Still no joy.
- Much googling (and no help in the MS KB) later, it turns out that because I have disabled Automatic Updates, it won't actually download the language pack (or error, or tell you that, or anything).
- Re-enabled, got the language pack (150Mb!)
- Reinstalled the MSU
- Finally get "Users and Computers".
It doesn't shock me that in that mess of code there might be a security feature or two that's lax. I mean, seriously? Half the things had no error code or even message to say they weren't going to work or why and those that did provided zero useful information.
- You can't install an MSU from a network-mapped drive (even if it appears as a mapped drive Z:!)
- You can't install RSAT with only en_GB enabled.
- You can't even see the languages available without Windows Search enabled (WTF?)
- You can't install a language without Automatic Updates enabled (Again, WTF?)
- You have to know all this to get Users & Computers working (which, if I remember rightly, is installed by default on most "Pro" versions of Windows or at worst was an Add/Remove Windows Feature kind of deal from the initial install disk).
I'm not surprised, with that amount of cross-interaction between COMPLETELY unrelated components, complete lack of user feedback, and random interactions, that there's a few security problems cropping up.
And that's not even the worst experience I've had with a clean Windows 8 VM image from an official Windows 8 ISO with a proper Windows 8 Pro Product Key. I actually managed to BSOD the VM within hours of install, not by even doing anything remotely interesting.