407-478-6600 Get SUPPORT

TaylorWorks, Inc. Blog

TaylorWorks, Inc. has been serving the Longwood area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How 2 Keystrokes Can Bypass the Security of Windows

How 2 Keystrokes Can Bypass the Security of Windows

Usually, when a troubleshooting feature is put in place, it is meant to assist the user in resolving an issue. However, one such feature in Windows 10 could ultimately lead to more problems, as it also can serve as a free-ride vulnerability for an opportunist bystander.

Security expert Sami Lailo discovered that if someone keys in Shift + F10 during a ‘Feature Update’ in Windows 10, they are able to access a Command Prompt window with Admin privileges. Compounding this with the fact that Microsoft updates disable BitLocker while they are in progress, means that someone could feasibly access the hard disk without the aid of any external device.

If that someone happened to be ill-intentioned, they could potentially wreak havoc through the command-line interface. Admittedly, the perpetrator would have to move quickly, but if they had come in with a plan and the foreknowledge of a Feature Update being implemented, they would have plenty of time to do what they had come to do.

Lailo reached out to Microsoft, and the company is now working to resolve this issue.

The current fix? Don’t leave an updating workstation unattended, despite the long periods of time updates can sometimes take.

Once Microsoft releases a patch, businesses and organizations will want to apply it. Keep in mind, any TaylorWorks clients on our managed services will have the update applied once it is tested. Give us a call at 407-478-6600 to learn more.

Tip of the Week: 6 Tips to Avoid Getting Scammed T...
The Case for Hosting Your Phone Solution In-House
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, November 22 2024

Captcha Image

MOBILE? GRAB THIS ARTICLE!

QR-Code dieser Seite