Windows 10 related cybersecurity articles - The Hacker News

The Hacker News - Cybersecurity News and Analysis: Windows 10

New GhostHook Attack Bypasses Windows 10 PatchGuard Protections

June 23, 2017 | Swati Khandelwal
Vulnerabilities discovered in Microsoft PatchGuard kernel protection could allow hackers to plant rootkits on computers running the company's latest and secure operating system, Windows 10. Researchers at CyberArk Labs have developed a new attack technique which could allow hackers to completely bypass PatchGuard and hook malicious kernel code (rootkits) at the kernel level. PatchGuard (or Kernel Patch Protection) is a software tool that has been designed to forbid the kernel of 64-bit versions of Windows OS from being patched, preventing hackers from running rootkits or executing malicious code at the kernel level. Dubbed GhostHook, the attack is what the CyberArk Labs researchers call the first attack technique that thwarts the defensive technology to bypass PatchGuard, though it requires a hacker to already be present on a compromised system and running code in the kernel. So, basically, this is a post-exploitation attack. "[GhostHook] is neither an
Microsoft to Remove SMBv1 Protocol in Next Windows 10 Version (RedStone 3)

June 20, 2017 | Mohit Kumar
The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update. SMBv1 is one of the internet's most ancient networking protocols that allows the operating systems and applications to read and write data to a system and a system to request services from a server. The WannaCry ransomware, which wreaked havoc last month, was also leveraging an NSA Windows SMB exploit, dubbed EternalBlue, leaked by the Shadow Brokers in its April data dump. The WannaCry ransomware menace shut down hospitals, telecommunication providers, and many businesses worldwide, infecting hundreds of thousands of unpatched Windows servers running SMBv1 in more than 150 countries within just 72 hours on the 12th of May. Although Microsoft patched the vulnerability in SMBv1 in March in MS17-010, the company meanwhile strongly advised us
Kaspersky Accuses Microsoft of Unfairly Disabling its Antivirus in Windows 10

June 07, 2017 | Mohit Kumar
Russian antivirus vendor Kaspersky Lab is so upset with US software giant Microsoft that the security firm has filed more antitrust complaints against the company. The antivirus firm initially filed a lawsuit late last year against Microsoft with the Russian Federal Anti-monopoly Service (FAS) over alleged abuse of Microsoft's dominant position in the desktop market to push its own antivirus software with Windows 10 and unfair competition in the market. Microsoft ships Windows 10 with its own security software Windows Defender, which comes enabled by default with the operating system. While Microsoft has made some changes in Windows Defender since the initial complaint, Kaspersky Lab is not satisfied with the changes, filing more antitrust complaints against the software giant, this time with the European Commission and the German Federal Cartel Office. Kaspersky Accuses Microsoft of Unfair Competitive Practices The antivirus firm told European antitrust regulators that Mi
Microsoft Unveils Special Version of Windows 10 For Chinese Government

May 24, 2017 | Wang Wei
China is very strict about censorship, which is why the country has become very paranoid when it comes to adopting foreign technologies. The country banned Microsoft's Windows operating system on government computers in 2014 amid concerns about security and US surveillance. Even in the wake of that, China had been pushing its custom version of Windows XP and its forked version of Ubuntu Linux. To deal with this issue and target the world's largest market, Microsoft's CEO for the Greater China region last year confirmed that the company was working on a Chinese version of Windows 10 that included "more management and security controls" and less bloatware. Now, Microsoft has just announced a new version of its Windows 10, which is now ready for Chinese government agencies to use. In its event in Shanghai on Tuesday, Microsoft announced Windows 10 China Government Edition specifically designed for the Chinese government. The OS is based on Windows 1
Microsoft Issues Emergency Patch For Critical RCE in Windows Malware Scanner

May 09, 2017 | Mohit Kumar
Microsoft's own antivirus software made Windows 7, 8.1, RT and 10 computers, as well as Windows Server 2016 more vulnerable. Microsoft has just released an out-of-band security update to patch the crazy bad bug discovered by a pair of Google Project Zero researchers over the weekend. Security researcher Tavis Ormandy announced on Twitter during the weekend that he and another Project Zero researcher Natalie Silvanovich discovered "the worst Windows remote code [execution vulnerability] in recent memory." Natalie Silvanovich also published a proof-of-concept (PoC) exploit code that fits in a single tweet. The reported RCE vulnerability, according to the duo, could work against default installations with "wormable" ability – capability to replicate itself on an infected computer and then spread to other PCs automatically. According to an advisory released by Microsoft, the remotely exploitable security flaw (CVE-2017-0290) exists in Microsoft
Microsoft Finally Reveals What Data Windows 10 Collects From Your PC

April 06, 2017 | Mohit Kumar
Since the launch of Windows 10, there has been widespread concern about its data collection practices, mostly because Microsoft has been very secretive about the telemetry data it collects. Now, this is going to be changed, as Microsoft wants to be more transparent on its diagnostics data collection practices. Till now there are three options (Basic, Enhanced, Full) for Windows 10 users to select from under its diagnostics data collection section, with no option for users to opt out of sending their data to Microsoft. Also, the company has never said precisely what data it collects behind these options, which raised huge privacy concerns among privacy-conscious users. But now for the first time, Microsoft has revealed what data Windows 10 is collecting from your computer with the release of the Windows 10 Creators Update, bringing an end to nearly two years of its mysterious data collection practices. The Windows 10 Creators Update, which will be available from Apri
Microsoft Started Blocking Windows 7/8.1 Updates For PCs Running New Processors

March 20, 2017 | Wang Wei
You might have heard the latest news about Microsoft blocking new security patches and updates for Windows 7 and Windows 8.1 users running the latest processors from Intel, AMD, Qualcomm, and others. Don't panic, this new policy doesn't mean that all Windows 7 and 8.1 users will not be able to receive the latest updates in general because Microsoft has promised to support Windows 7 until 2020, and Windows 8.1 until 2023. But those who have upgraded their machines running older versions of Windows to the latest processors, or manually downgraded their new laptops to run Windows 7/8.1 would be out of luck. A recently published Microsoft Knowledge Base article suggests that if you are running the older version of operating systems on your computers that feature new processors, including Intel's 7th generation Core i3, i5 and i7 ("Kaby Lake"), AMD Ryzen ("Bristol Ridge") and Qualcomm 8996 chips or later, the security updates will not install. Inste
Press Shift + F10 during Windows 10 Upgrade to Launch Root CLI & bypass BitLocker

November 30, 2016 | Swati Khandelwal
If your computer's security relies on Windows BitLocker Hard Drive Encryption software, then beware, because anyone with physical access to your PC can still access your files within a few seconds. All an attacker needs to do is hold SHIFT+F10 during the Windows 10 update procedure. Security researcher Sami Laiho discovered this simple method of bypassing BitLocker, wherein an attacker can open a command-line interface with System privileges just by holding SHIFT+F10 while a Windows 10 PC is installing a new OS build. The command-line interface (CLI) then grants the attacker full access to the computer's hard drive, even when the victim has enabled the BitLocker disk encryption feature. Laiho explains that during the installation of a new build (Windows 10 upgrade), the operating system disables BitLocker while the Windows PE installs a new image of the main Windows 10 OS. "The installation [Windows 10 upgrade] of a new build is done by reimaging the machine and the im
Apple starts downloading MacOS Sierra automatically to your MacBook — Here's How to Stop It

October 05, 2016 | Swati Khandelwal
Are you experiencing slow Internet speed on your MacBook today? — It's not just you! Here's why: Following in Microsoft's footsteps, Apple has started "pre-downloading" the latest version of its desktop operating system, macOS 10.12 Sierra, in the background, if you are still running OS X El Capitan. If you have automatic downloads enabled on your Mac, a large file of around 5GB will mysteriously be downloaded to your computer in the background, using your Internet bandwidth for unrequested files. Apple justifies this move by saying that the automatic download would make it easier for users to get the newest operating system, encouraging them to update their Macs. The good news, however, is that the update will not install automatically without your permission. Once downloaded automatically in the background, users who are running OS X El Capitan version 10.11.5 or later will receive a notification that says macOS Sierra is ready to be installed.
Does your WebCam Crash after Windows 10 Anniversary Update? Here’s How to Fix It

August 20, 2016 | Swati Khandelwal
If your webcam has stopped working after installing Microsoft's recently released big Anniversary Update for Windows 10, you are not alone. With some significant changes to improve Windows experience, Windows 10 Anniversary Update includes the support for webcams that has rendered a number of different webcams inoperable, causing serious issues for not only consumers but also the enterprise. The problem is that Microsoft added some new ways for applications to access webcams with Microsoft's new Windows Camera Frame Server, preventing webcams from using two particular compression formats—H.264 and MJPEG. Microsoft decided that the Camera Frame Server should only receive an uncompressed YUY2 encoding stream from the webcam, which is affecting far more devices than Microsoft expected, causing millions of cameras to crash. This is the reason why your camera hangs, freezes, or simply does not work when you try to make a video call with your friend over Skype. Brad Sams of
Microsoft Open Sources PowerShell; Now Available for Linux and Mac OS X

August 18, 2016 | Swati Khandelwal
'Microsoft loves Linux' and this has never been more true than now. Microsoft today made its PowerShell scripting language and command-line shell available to the open source developer community on GitHub under the permissive MIT license. The company has also launched alpha versions of PowerShell for Linux (specifically Red Hat, Ubuntu, and CentOS) and Mac OS X, in addition, of course, to Windows. Now, people can download binaries of the software, as well as access the source code of the app from the new PowerShell GitHub page. "Users across Windows and Linux, current and new PowerShell users, even application developers can experience a rich interactive scripting language as well as a heterogeneous automation and configuration management that works well with your existing tools," Microsoft says in its blog post. "Your PowerShell skills are now even more marketable, and your Windows and Linux teams, who may have had to work separately, can now work toge
Hackers Selling Unpatched Microsoft Windows Zero-Day Exploit for $90,000

June 03, 2016 | Swati Khandelwal
How much does a Windows zero-day exploit that affects all versions of the Windows operating system cost on the black market? It's $95,000, at least, for the one recently spotted by security researchers. Researchers from Trustwave's SpiderLabs team have uncovered a zero-day exploit on the Russian underground malware forum exploit.in, affecting all versions of Microsoft Windows OS from Windows 2000 all the way up to a fully patched version of Windows 10. The zero-day exploit for the previously unknown vulnerability in "every version" of Windows is openly sold for $90,000 (over £62,000). The security team originally discovered the zero-day exploit last month when the firm saw its ad on a Russian hacking forum for $95,000. However, the price has now been dropped to $90,000. The zero-day vulnerability in question claims to be a Local Privilege Escalation (LPE) bug in Windows that offers admin access to run malicious code on a victim's PC and is less dangerous th
Windows 10 Blue Screen of Death Gets QR Code

April 13, 2016 | Swati Khandelwal
If you are a Microsoft Windows user, you may have encountered the infamous Blue Screen of Death (BSOD). The Blue Screen of Death generally appears when Windows encounters any critical error due to software or hardware issues, displaying a sad face and no information other than "Your PC ran into a problem." However, now the company is apparently giving its infamous Blue Screen of Death a makeover. With Microsoft's Anniversary Update, the company is making the Blue Screen of Death a little more helpful for its users. Microsoft is adding a QR code to its Blue Screen of Death (BSOD) in Windows 10 that will make it easier for users to identify potential issues with their devices. The new QR codes are featured in Redmond's latest Windows 10 Preview, Build 14316, which will debut this summer as the Windows 10 Anniversary Update. Must Read: Step-by-Step Tutorial to Run Ubuntu on latest Windows 10 Preview Build. Now, when your operating
How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316

April 07, 2016 | Swati Khandelwal
As reported last week, Microsoft will launch an 'Anniversary Update' for Windows 10 that will bring the Ubuntu file system, allowing you to use Bash to run command-line Linux applications without a virtual machine. However, you do not have to wait until this summer to run Bash (Bourne Again Shell) on your Windows 10 OS, as Microsoft has released the first preview build of the Windows 10 Anniversary Update to the members of its Insider program. Don't expect it to run Ubuntu directly on Windows 10, as this is basically Ubuntu user-space packages running natively on Windows 10 by the company coming up with real-time translation of Linux system calls into Windows system calls. This new Bash Shell support features a full Ubuntu user space complete with support for tools including ssh, apt, rsync, find, grep, awk, sed, sort, xargs, md5sum, gpg, curl, wget, apache, mysql, python, perl, ruby, php, vim, emacs and more. Windows 10 build 14316's biggest addition is
Microsoft adds Linux Bash Shell and Ubuntu Binaries to Windows 10

March 31, 2016 | Swati Khandelwal
'Microsoft loves Linux' so much that now the company is bringing the popular Bash shell, alongside the entire Linux command environment, to its newest Windows 10 OS in the upcoming 'Anniversary Update,' Redstone. The rumours before Microsoft's Build 2016 developer conference were true. Microsoft has just confirmed that it is going to enable its users to run Bash (Bourne Again Shell) natively on Windows 10. Also Read: Microsoft Drops a Cloud Data Center Under the Ocean. Microsoft has partnered with Ubuntu's parent company Canonical to ensure the Bash experience for users is just as good in Windows OS as it is in variants of Linux. Although the goal of the partnership, in the end, is to bring Ubuntu on Windows 10, don't expect it to run Ubuntu directly on Windows 10. Users will be able to download Bash from the Windows Store. BASH or Bourne Again Shell is capable of handling advanced command line functionalities that are not a c
Microsoft built a special version of Windows 10 just for Chinese Government

March 29, 2016 | Unknown
China is very strict about censorship, which makes it difficult for companies to launch their products in the country. But companies like Microsoft are playing smartly to target the largest market in the world. Microsoft has found a way to enter into the banned Chinese market, but this time with official support for the Chinese Government through a new custom and exclusive Windows 10 version for China. It sounds like Microsoft has no issues like Apple, which strongly refused the court order to create a special 'GovtOS' version to help the Feds with unlocking iPhone. Microsoft's CEO for the Greater China region Ralph Haupter has confirmed that the company has built a Chinese government-approved version of Windows 10 OS that includes "more management and security controls" and less bloatware (pre-installed apps). Specialized Windows 10 'Zhuangongban' for China In a joint venture with a state-run technology and defense company, CETC (China Electronic Technology Gr
Windows 10 Sends Your Data 5500 Times Every Day Even After Tweaking Privacy Settings

February 10, 2016 | Swati Khandelwal
Myth: Disabling all privacy-compromising and telemetry features on Windows 10 will stop Microsoft from tracking your activities. Fact: Even with all telemetry features disabled, Windows 10 is phoning home more than you could ever think of. Ever since the launch of Microsoft's newest operating system, Windows 10 is believed to be spying on its users. I wrote a number of articles to raise concern about Windows 10 privacy issues, including its controversial data mining features and privacy invasion features. The only solution believed to cope with these issues is to disable all the telemetry features or use an automated tool to disable all privacy-infringing features in just one click. But unfortunately, all these efforts got wasted because Microsoft still tracks you, even after you tighten your Windows 10 privacy to an extreme level, claims the recent analysis conducted by a Voat user CheesusCrust. Traffic Analysis Reveals Extent of Windows 10 Spying
All Versions of Windows affected by Critical Security Vulnerability

February 10, 2016 | Swati Khandelwal
Microsoft has released 13 security bulletins, six of which are considered to be critical, resolving a total of 41 security vulnerabilities in its software this month. Every Windows version Affected: One of the critical vulnerabilities affects all supported versions of Windows, including Microsoft's newest Windows 10 operating system, as well as Windows Server 2016 Tech Preview 4. The memory-corruption flaw (MS16-013) could allow a remote attacker to execute arbitrary code as the logged-in user by tricking a user into opening a specially crafted Journal file. This vulnerability would let the attacker run malicious programs on the victim's machine, even delete data and create new accounts with full user rights. Administrator accounts are at greater risk than accounts with fewer user rights on the system. However, the good news is the vulnerability has not been spotted in the wild. List of All Critical Vulnerabilities Other Critical Secur