Unencrypted Windows Crash Reports a Blueprint For Attackers

← Back to Stories (view on slashdot.org)

Unencrypted Windows Crash Reports a Blueprint For Attackers

Posted by timothy on Thursday January 2, 2014 @06:40AM from the distributed-fuzzing-attack dept.

An anonymous reader writes "According to Forbes online, up to 1 billion PCs are at risk of leaking information that could be used as a blueprint for attackers to compromise a network from Microsoft Windows Error Reporting (WER) crash reports that are sent in the clear. Researchers at Websense Labs released a detailed overview of the data contained in the crash reports, shortly after Der Spiegel released documents alleging that nation-state hackers may have used this information to execute highly targeted attacks with a low risk of detection, by crafting attacks specifically for vulnerable applications that are running on the network. Also interesting to think that Microsoft knows exactly what model of phones that you have plugged into your PC..."

3 of 103 comments (clear)

Min score:

Reason:

Sort:

Duh by mythosaz · 2014-01-02 06:47 · Score: 5, Funny

Also interesting to think that Microsoft knows exactly what model of phones that you have plugged into your PC..."
Wait, you mean my crash reports include a list of devices?!?
The horror.
1. Re:Duh by recoiledsnake · 2014-01-02 07:02 · Score: 5, Funny
  
  Reading the article, it says that each time you plug in a new USB device, it automatically sends that information to Microsoft. Even if you don't send the Windows crash reports to Microsoft, your computer is still phoning home each time you install a new USB device.
  Duh, how does it search for drivers on Windows Update then? Turn off that functionality and then check, if it still does, then it's news.
  Next you will tell me that my browser is broadcasting an IP Address.
  
  --
  This space for rent.
USB rings bell, and they must know at once. by 140Mandak262Jamuna · 2014-01-02 07:46 · Score: 5, Funny

As you can see, within seconds of connecting the new USB device to the computer, a report is sent to watson.microsoft.com in HTTP (clear text). This report includes a considerable amount of information that is URL encoded into the request. This information includes:
Every time you plug in a device to USB port, a di-ding bell sounds. It is of utmost importance to Microsoft to know a bell has rung, so that it can promote an angel second class to angel first class with wings.
See? There is an innocent explanation for it after all.

--
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact