Slashdot Mirror


Microsoft Claims 'No Known Ransomware' Runs on Windows 10 S. Researcher Says 'Hold My Beer' (zdnet.com)

Earlier this month, Microsoft said "no Windows 10 customers were known to be compromised by the recent WannaCry (WannaCrypt) global cyberattack," adding that "no known ransomware works against Windows 10 S." News outlet ZDNet asked a security researcher to see how good Microsoft's claims were. Turns out, not much. From the report: We asked Matthew Hickey, a security researcher and co-founder of cybersecurity firm Hacker House, a simple enough question: Will ransomware install on this operating system? It took him a little over three hours to bust the operating system's various layers of security, but he got there. "I'm honestly surprised it was this easy," he said in a call after his attack. "When I looked at the branding and the marketing for the new operating system, I thought they had further enhanced it. I would've wanted more restrictions on trying to run privileged processes instead of it being such a short process."

19 of 125 comments

  1. Known to MS by turkeydance · · Score: 4, Funny

    I know nothing...Sgt Schultz

  2. HA HA by Higaran · · Score: 3, Interesting

    I'm usually a fan of MS, but that is some bull if I ever heard it. Maybe there is not a known ransomware because no one thought to make one yet; I didn't even really realize that OS was even out yet.

  3. "Known" is the keyword by UnknowingFool · · Score: 2

    MS can't possibly know all the ransomware out there; however, I think MS does a terrible job at fixing anything. I had a friend who bought a MS product but in working with it he found a bug. He calls MS support. They research it but they say with his level of support, they can't go any further without premium support. So he pays for premium support. Premium support confirms that it is a bug. He asks when a fix is possible. They say they are not going to fix it. He asks what the heck did his premium support money do? For the privilege of telling him that it was a bug apparently.

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.
    1. Re:"Known" is the keyword by captaindomon · · Score: 2

      You obviously don't work in software. Any major software project has hundreds to thousands of known bugs, including Apple products, Microsoft products, even Linux based products. All of those bugs have to be prioritized and weighed. Is this something that most customers need fixed? Will it cause more problems to fix it than to leave it? Is it better to put our efforts toward moving toward the next version, which automatically fixes this problem, instead of trying to fix it in this version, which will be obsolete in three months? Sucks to have bugs. But software systems are extremely complex, and often have entire teams of people dedicated to evaluating which bugs should/can be fixed and which should be just accepted as part of the system.

      --
      Just because I can hook a shark from a boat, I do not offer to wrestle it in the water.
    2. Re:"Known" is the keyword by Jack9 · · Score: 2

      > Your friend is a liar or you are.

      You aren't helping, nor are you even trying to contribute. You might want to revisit your assumptions, because they are most certainly leading you into false conclusions. The correct answer is, "I doubt it, let's see if there's any history to corroborate."

      A cursory search result might lead you to http://www.schveiguy.com/blog/...

      --

      Often wrong but never in doubt.
      I am Jack9.
      Everyone knows me.
    3. Re: "Known" is the keyword by Icyfire0573 · · Score: 2

      In my experience in IT having called Microsoft about a dozen times, if they say that they are at fault for the issue they will refund the cost of the case you opened to have an issue resolved.
      This includes bugs in their software and patches that were installed that broke something (like an Exchange cluster for a hospital).
      I believe I have had to pay when they say the only way to fix it is to reformat and reinstall, and that was after 20 hours of troubleshooting.

    4. Re:"Known" is the keyword by Voyager529 · · Score: 2

      > I still think windows home server was a disaster.
      > Oh it just occasionally corrupts backups so you can't open them.
      >
      > It was never fixed!
      >
      > No way to repair or recover the data was ever provided.
      >
      > Then they took out Drive Extender and still didn't fix it.

      Sadly, WHS was a great idea doomed from the get-go for a myriad of reasons. It needed a crowd sufficiently-enthusiast to want a product capable of handling home streaming and backups, but insufficiently enthusiast to set up a FreeNAS, Plex, and the free version of Macrium (or the inexpensive 5-user license of Acronis, which was still half-decent at the time). The hardware had its issues, not the least of which being manufactured by an HP that was trying to figure out how to do this 'mobile' thing by buying Palm, and their revolving door of CEOs. The affordable ones had a single internal drive and expected to be supplemented by a hodgepodge of externals, while the unit that supported multiple drives cost over $1,000 with three of those bays empty.

      The early versions integrated with Live OneCare, which would have been great if they didn't abandon it, and the Windows Media Center integration was hampered by the speeds of the then-dominant single-band 802.11n, as well as the fact that the server couldn't function as a DVR directly (allowing a client/server model like MythTV today), a problem compounded by the broadcast flags being used by some cable companies.

      The nail in the coffin came by way of issues like the ones you've specified - storage space issues, backup integrity issues, poor integration with non-Microsoft products, and no proactive means of addressing any of them. When not even those who were willing to give it a shot were able to achieve a reliable amount of success, there's no way it's hitting critical mass.

  4. Re:Interesting by Anonymous Coward · · Score: 2, Interesting

    > People want to be able to run whatever software they like.

    Some people obviously do. But iOS is also highly successful.

  5. Echoes of Steve Job's boast by TheHawke · · Score: 2

    Back in the days of Mac OS8, he proclaimed that the MacOS was virus-proof.

    Big mistake.

    By the end of the week at least a dozen or so viriii were released into the wild and Jobs had to eat humble pie.

    --
    First rule of holes; When in one, stop digging.
    1. Re:Echoes of Steve Job's boast by boley1 · · Score: 2

      Steve Jobs eating humble pie? You must be talking about another Steve Jobs.

  6. Re:Interesting by TheFakeTimCook · · Score: 3, Insightful

    > > People want to be able to run whatever software they like.

    > Some people obviously do. But iOS is also highly successful.

    But, there's a difference. Actually two:

    1. the iOS App Store is likely VAST compared with the Windows 10 App Store. That makes a VAST difference.

    2. People who own iPhones/iPads understand the reasoning behind, and are used to, the App Store Restriction (which really isn't a restriction anymore, since iOS 8).

  7. Silliness by Thyamine · · Score: 2

    I think this is always silly when a company claims something like this, and I think everyone in the industry understands that. However, it gets headlines, and will be used for marketing. All the normal users though will never see this article explaining why it's bull, but they'll remember 'Hmm Windows S doesn't get ransomware'. Now maybe some of the marketing people really believe this statement, however I highly doubt any of the devs or engineering team truly thought 'ah ha! We've done it!'

    --
    I will shred my adversaries. Pull their eyes out just enough to turn them towards their mewing, mutilated faces. Illyria
  8. Re:Meh by ledow · · Score: 5, Interesting

    You wish.

    I often run suspicious files through AV websites like TotalVirus.com

    You'd be AMAZED how much old stuff sitting in my inbox for 5 years won't be picked up by big-name anti-virus suites even with "heuristics".

    And if you tweak it by just one byte (e.g. javascript viruses and changing a code-path ever-so-slightly), it'll usually zoom through ALL of them.

    Sorry, but AV is just a constantly out-of-date database of things that MILLIONS of people have already caught, that is used as a lookup for every file access. In terms of protecting your computer, it's useless (or WannaCry wouldn't have happened, even on non-updated machines). In terms of doing so efficiently, it's absolutely atrocious.

  9. Real Security isn't Cheap by LeftCoastThinker · · Score: 4, Interesting

    Windows 10S is nothing more than a play to walled garden Windows, by appealing to consumers' fears, all while the customer pays for the pleasure. Hopefully someone will file a class action for false advertising (since actually hacking the OS was a trivial 3 hours for someone who knew what they were doing).

    It is high time that companies take cyber security seriously, before someone hacks a windows computer running some critical system and causes a major accident (oh wait, that has happened multiple times already). For far too long companies have played fast and loose with the word secure.

    Is it possible for MS to make a hardened version of Windows? Probably, but it would require a fundamental re-thinking of how windows runs, and there would be a performance hit. MS would have to spend real resources on the security aspect, and that would take resources away from developing the shiny interface tweaks that no one gives a shit about but the MBAs think is critical...

    --
    If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
  10. uh.... by circularWaffle · · Score: 5, Informative

    Does MS realize that infection/breach through macros is NOT a new/unknown/zero day thing? That's why the "Protected View" is in place in the first place..........Yes, the protection is in place....But it doesn't mean that a user isn't going to deliberately ignore any warnings just because, "idk I just thought it was a document from my friend and didn't think about it". That shit happens all the time! This is now a known exploit. I mean, seriously, go fix the issue MS.

  11. Windows HLK by tepples · · Score: 3, Informative

    Drivers for Windows 10 S must meet these requirements. I imagine that participants in a public driver beta test would use Windows 10 Pro instead of Windows 10 S.

  12. Re:Interesting by david_thornley · · Score: 2

    I don't use my iPhone or my Android tablet as general-purpose computing devices. I use my laptop and desktop for those, and those had better run arbitrary software or they're of little use to me.

    --
    "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  13. Admin Privileges!? by rsmith-mac · · Score: 2

    > Word was opened with administrative privileges through Windows' Task Manager

    Isn't this essentially cheating? If Word is opened by a user, it's only opened at standard user privileges, even if that user is a member of the admin group.

    The use of a macro is clever enough. But if it hinges on Word running as Admin, then I have to question whether this is anything more than a publicity stunt.

  14. Read it by SuperDre · · Score: 2

    Read the whole story and think... Then you'll know this 'researcher' is just bullshitting. You already need to start Word in admin-mode (first thing that makes MS's claim still stand), then you need to click on the activate macros button, and in the end you still need to be able to install the malware, which is not on the MS Windows Store and therefore cannot simply be installed, but that's something he doesn't even do, claiming with some bullshit about not wanting his network to be infested.. no, this is just a clickbait article by ZDNet for triggering some extra ad revenue...