1. Home
  2. Forums Index
  3. WebmasterWorld / Microsoft Windows OS 12:59 am May 21, 2026

Forum Moderators: open

Message Too Old, No Replies

Win10S doesn't appear to be as invulnerable to ransomware as claimed

         

bill

12:18 am on Jun 24, 2017 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



http://www.zdnet.com/article/microsoft-no-known-ransomware-windows-we-tried-to-hack-it/ [zdnet.com]

Microsoft says 'no known ransomware' runs on Windows 10 S -- so we tried to hack it

Microsoft claims "no known ransomware" runs on Windows 10 S, its newest, security-focused operating system.

The software giant announced the version of Windows earlier this year as the flagship student-focused operating system to ship with its newest Surface Laptop. Microsoft touted the operating system as being less susceptible to ransomware because of its locked-down configuration -- to the point where you can't run any apps outside the protective walled garden of its app store. In order to get an app approved, it has to go through rigorous testing to ensure its integrity. That's one of several mitigations that helps to protect the operating system to known file-encrypting malware.

We wanted to see if such a bold claim could hold up.

Spoiler alert: It didn't.

keyplyr

2:09 am on Jun 24, 2017 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Here's how he did it.
Hickey created a malicious, macro-based Word document on his own computer that when opened would allow him to carry out a reflective DLL injection attack
Well that's different than downloading a malicious file that has to get through numerous anti-virus/malware/spyware filters. Zdnet can get a bit sensational at times.

not2easy

2:53 am on Jun 24, 2017 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



I was reading an article today (sorry, behind a paywall) that was describing an attack that leaves no tracks and a backdoor that can be exploited by just about anyone. It's based on the NSA's DoublePulsar and it may be on any network. The reason I mention it here is because the article referred to a blog post by Brad Smith [blogs.microsoft.com] who is Microsoft's President and Chief Legal Officer, calling for a collective action against cyber attacks of all kinds after they patched for WannaCry. As soon as they patch one, there's two more, each one worse.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Microsoft Windows OS 12:59 am May 21, 2026