Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Claims 'No Known Ransomware' Runs on Windows 10 S. Researcher Says 'Hold My Beer' (zdnet.com)

Posted by msmash on from the hold-my-beer dept.

Earlier this month, Microsoft said "no Windows 10 customers were known to be compromised by the recent WannaCry (WannaCrypt) global cyberattack," adding that "no known ransomware works against Windows 10 S." News outlet ZDNet asked a security researcher to see how good Microsoft's claims were. Turns out, not much. From the report: We asked Matthew Hickey, a security researcher and co-founder of cybersecurity firm Hacker House, a simple enough question: Will ransomware install on this operating system? It took him a little over three hours to bust the operating system's various layers of security, but he got there. "I'm honestly surprised it was this easy," he said in a call after his attack. "When I looked at the branding and the marketing for the new operating system, I thought they had further enhanced it. I would've wanted more restrictions on trying to run privileged processes instead of it being such a short process."

7 of 125 comments (clear)

  1. Known to MS by turkeydance · · Score: 4, Funny

    i know nothing...Sgt Schultz

  2. HA HA by Higaran · · Score: 3, Interesting

    I'm usually a fan of MS, but that is some bull if I ever heard it. Maybe there is not a known ransomware because no one thought to make one yet, I didn't even really realize that OS was even out yet.

  3. Re:Interesting by TheFakeTimCook · · Score: 3, Insightful

    People want to be able to run whatever software they like.

    Some people obviously do. But iOS is also highly successful.

    But, there's a difference. Actually two:

    1. the iOS App Store is likely VAST compared with the WIndows 10 App Store. That makes a VAST difference.

    2. People who own iPhones/iPads understand the reasoning behind, and are used to, the App Store Restriction (which really isn't a restriction anymore, since iOS 8).

  4. Re:Meh by ledow · · Score: 5, Interesting

    You wish.

    I often run suspicious files through AV websites like TotalVirus.com

    You'd be AMAZED how much old stuff sitting in my inbox for 5 years won't be picked up by big-name anti-virus suites even with "heuristics".

    And if you tweak it by just one byte (e.g. javascript viruses and changing a code-path ever-so-slightly), it'll usually zoom through ALL of them.

    Sorry, but AV is just a constantly out-of-date database of things that MILLIONS of people have already caught, that is used as a lookup for every file access. In terms of protecting your computer, it's useless (or WannaCry wouldn't have happened, even on non-updated machines). In terms of doing so efficiently, it's absolutely atrocious.

  5. Real Security isn't Cheap by LeftCoastThinker · · Score: 4, Interesting

    Windows 10S is nothing more than a play to walled garden Windows, by appealing to consumers fears, all while the customer pays for the pleasure. Hopefully someone will file a class action for false advertising (since actually hacking the OS was a trivial 3 hours for someone who knew what they were doing).

    It is high time that companies take cyber security seriously, before someone hacks a windows computer running some critical system and causes a major accident (oh wait, that has happened multiple times already). For far too long companies have played fast and loose with the word secure.

    Is it possible for MS to make a hardened version of Windows? Probably, but it would require a fundamental re-thinking of how windows runs, and there would be a performance hit. MS would have to spend real resources on the security aspect, and that would take resources away from developing the shiny interface tweaks that no one gives a shit about but the MBAs think is critical...

    --
    If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
  6. uh.... by circularWaffle · · Score: 5, Informative

    Does MS realize that infection/breach through macros is NOT a new/unknown/zero day thing? That's why the "Protected View" is in place in the first place..........Yes, the protection is in place....But it doesn't mean that a user isn't going to deliberately ignore any warnings just because, "idk I just thought it was a document from my friend and didn't think about it". That shit happens all the time! This is now a known exploit. I mean, seriously, go fix the issue MS.

  7. Windows HLK by tepples · · Score: 3, Informative

    Drivers for Windows 10 S must meet these requirements. I imagine that participants in a public driver beta test would use Windows 10 Pro instead of Windows 10 S.