It's 2015, and someone can pwn Windows PCs by inserting a USB stick

Microsoft has released 14 sets of software patches to address critical security vulnerabilities in Windows, Office, Internet Explorer, and Edge. Yes, even Edge: Microsoft's supposedly whizzbang super-secure web browser. Users and sysadmins should apply August's Patch Tuesday fixes as soon as possible: the bugs can be exploited …

  1. Dan 55 Silver badge
    Facepalm

    I like the way they separated the Edge bugs from the IE bugs. Same CVEs though. Whatever could that mean?

    1. Destroy All Monsters Silver badge

      It means it's from the same roll of toilet paper.

    2. big_D Silver badge

      It is like separating Ford Escort bugs from Ford Focus bugs, the same problem may exist in both vehicles, but they are different...

      1. hplasm Silver badge
        Devil

        "... the same problem may exist in both vehicles, but they are different..."

        The problem is the same- in that case 'Ford'.

        In this case...

      2. Anonymous Coward
        Anonymous Coward

        More like separating yellow Ford Focus bugs from brown Ford Focus bugs... the same problem exists in both vehicles but they are different in the mouths of the salesmen...

    3. Anonymous Coward
      Anonymous Coward

      I like the way they separated the Edge bugs from the IE bugs. Same CVEs though. Whatever could that mean?

      It means you will soon see yet another Redmond marketing troll claiming that Windows has only got xx problems, but Linux/OSX/FreeBSD (etc etc) have more, because that's how they sell this abomination to their golf buddies.

    4. Jordan Davenport

      Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240

      Despite the fact that it identifies as pretty much everything else as well for compatibility, Edge identifies as version "12.10240", which I see as an internal admission of its being IE12, even if "About this app" identifies it as Microsoft Edge 20.10240.16384.0.

  2. elDog Silver badge

    Can I please go back to PC-DOS?

    Or CPM? I'm sure there weren't any of these browser bugs before MS stole the software.

    1. AndrueC Silver badge
      Boffin

      Re: Can I please go back to PC-DOS?

      Or CPM?

      Maybe not browser bugs but I did once write a virus for CP/M when I was at polytechnic in the mid 80s. Purely as an intellectual exercise of course. Plus I wrote it on an Amstrad CPC 6128 which used 3" floppy discs so it didn't really have much opportunity to infect the wider world :)

    2. Pascal Monett Silver badge

      Re: Can I please go back to PC-DOS?

      I'm pretty sure PC-DOS had absolutely no browser bugs.

      1. AndrueC Silver badge
        WTF?

        Re: Can I please go back to PC-DOS?

        Questions that make you go..hmmm?

  3. Joe 48

    So can

    Android, IOS, Linux etc. Special thanks should be given to java and flash too.

  4. DCLXV
    Thumb Up

    Finally

    An end to scan-happy bots looking for easy pickings on port 22

    1. Anonymous Coward
      Anonymous Coward

      Re: Finally

      What do you wager that your tcp/22 probes DON'T decrease in frequency?

  5. Anonymous Coward
    Anonymous Coward

    OpenSSH remote execution bug?

    One of the fixed security bugs (mentioned in the release notes) was:

    * sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution. Also reported by Moritz Jodeit.

    Sounds like a remotely exploitable bug that may not need a local account. Anyone know the details?

    1. Anonymous Coward
      Anonymous Coward

      Re: OpenSSH remote execution bug?

      It says 'portable only' which means anything that is not openbsd, which is like everything.

      1. DougS Silver badge

        Re: OpenSSH remote execution bug?

        Surely they would have highlighted this as a severe risk, given how many people have a hole in their firewall for incoming SSH. Certainly need more details on this one, it sounds like it could be a big headache!

  6. Anonymous Coward
    Anonymous Coward

    No wonder patch Tuesday had to go..

    .. they clearly need more days in the week than just one to keep up.

    I wonder what sort of effort MS management undergoes to remove their ability to be embarrassed about the quality of what they sell. Is it reprogramming à la Scientology, or maybe surgery? Whatever it is, it must be pretty major.

    1. Mark 65 Silver badge

      Re: No wonder patch Tuesday had to go..

      I don't know, the cynic in me says that list of remote execution bugs sounds like a carefully crafted set of NSA bugs inserted by someone on the inside. However, the realist in me says "shit coding".

      1. This post has been deleted by its author

      2. This post has been deleted by its author

      3. Anonymous Coward
        Anonymous Coward

        Re: No wonder patch Tuesday had to go..

        I don't know, the cynic in me says that list of remote execution bugs sounds like a carefully crafted set of NSA bugs inserted by someone on the inside. However, the realist in me says "shit coding".

        I no longer have any inclination as to which of those two possibilities is the more likely!.. Meanwhile the pragmatist in me is shouting "WHY CAN'T THEY BE A COMBINATION OF THE TWO? IT'S PROBABLY BOTH, IT'S PROBABLY BOTH"

        Calmly considering all the factors, I think the pragmatist is probably correct. ;)

        1. Anonymous Coward
          Anonymous Coward

          Re: No wonder patch Tuesday had to go..

          no longer have any inclination as to which of those two possibilities is the more likely!.. Meanwhile the pragmatist in me is shouting "WHY CAN'T THEY BE A COMBINATION OF THE TWO? IT'S PROBABLY BOTH, IT'S PROBABLY BOTH"

          Well done, you have just found an argument why the code has to be at least of *some* quality - can't afford a crash when it's sending off your data to the NSA now, can it?

          1. Anonymous Coward
            Anonymous Coward

            Re: No wonder patch Tuesday had to go..

            MUST. HANG. ON. LONG. ENOUGH. TO. GET. THOSE. KEYS. OUT. AHhhhhhhhh.............. [ILLEGAL OPERATION]

  7. Synonymous Howard

    Holdouts

    Now how many of these vulnerabilities exist in the win2k and win2k3 code bases and therefore remain unpatchable by the laggards?

    1. Anonymous Coward
      Joke

      Re: Holdouts

      Depends on the binary. I wonder if file manager from windows 3.1 will run under windows 10?

      1. Benno

        Re: Holdouts

        progman.exe ftw!

        :)

        Actually, you _could_ do this kind of thing with the NT4 preview at least (shell=explorer.exe or shell=progman.exe in one of the .ini files...)

    2. Anonymous Coward
      Anonymous Coward

      Re: Holdouts

      "Now how many of these vulnerabilities exist in the win2k and win2k3 code bases and therefore remain unpatchable by the laggards?"

      Patches were released for some of these on Win2K3 if you have an extended support agreement. The agreement prevents publicly providing any further details...

    3. druck Silver badge
      FAIL

      Re: Holdouts

      You can pretty much guarantee that if the patch mentions Windows Vista onwards, it also affects the now unsupported Windows XP - so all but one of that lot.

  8. Anonymous Coward
    Anonymous Coward

    All versions on windows.... again

    Complete rewrite my arse.

    1. Anonymous Coward
      Anonymous Coward

      Re: All versions on windows.... again

      You're finally catching on to this? Where have you been?

      1. Anonymous Coward
        Anonymous Coward

        Re: All versions on windows.... again

        You're finally catching on to this? Where have you been?

        Using OSX and Linux Mint. By the look of things that's where I'll remain :)

        1. Anonymous Coward
          Anonymous Coward

          Re: All versions on windows.... again

          "Using OSX"

          Errm - but that's on well over 2,000 known vulnerabilities now - way more insecure than even Windows XP.

          1. Anonymous Coward
            Anonymous Coward

            Re: All versions on windows.... again

            "Using OSX"

            Errm - but that's on well over 2,000 known vulnerabilities now - way more insecure than even Windows XP.

            Oh hello Redmond marketing department, really? You really want to try and spin that one here, and really right now? You did read what the main article was about, no? And you do realise that most people reading *this* forum are fairly adept at detecting manipulated statistics and selective quoting from facts, no?

            I know you're paid to peddle this myth but you really ought to come up with something new, like actual facts. Ah, no, sorry, that's exactly the problem, isn't it? If you remained with the facts it would all get even more embarrassing, wouldn't it? Don't you think that your time and the company would not be better spent on coding an OS that is actually suitable for a 21st century IT environment instead of still being so deficient that only someone suffering from insanity (or a serious degree of masochism) would hook up a raw box to the Internet, whereas NO other modern OS has any problems with that out of the box?

            You see, it is exactly the fact that you cannot acknowledge that is a frankly piss poor performance of a supposedly modern OS that stops you from fixing it. Stop pretending that it is even NEAR beta quality and produce something that is decent for a change. I know it would be a total shock to the system, but especially now you're seeking to entrap people into a subscription model it would be good demonstrated that people actually get something for their money because on raw ROI Windows has been performing badly for quite some time, and this latest debacle is not exactly helping if I start adding up all the resources and FTEs I'd need to keep this anywhere near safe to use.

            1. Anonymous Coward
              Anonymous Coward

              Re: All versions on windows.... again

              "I know you're paid to peddle this myth but you really ought to come up with something new, like actual facts"

              I see we have another deluded Apple user. The facts are from Secunia and NIST among others and the links to the vulnerability lists have been posted here plenty of times before.

              See for instance https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_vendor=cpe%3a%2f%3aapple&cpe_product=cpe%3a%2f%3aapple%3amac_os_x&cve_id=

              Everything you say applies even more to OS-X.

            2. Fatman Silver badge
              Joke

              Re: All versions on windows.... again

              <quote>Oh hello Redmond marketing department, really? You really want to try and spin that one here, and really right now? </quote>

              Oh, come on now, give Loverock Davidfson a break; it must be lonely in that dimly lit basement.

          2. Kiwi Silver badge
            Linux

            Re: All versions on windows.... again @ MS shill AC

            ...more insecure than even Windows XP.

            Seriously.

            You want to use that argument.

            In a comments thread on an article that talks about USB STICKS INFECTING WINDOWS IN 2015!!!

            How fucked in the head do you have to be to still defend them after all this crap? Doesn't the shame and self-disgust make you want to end your life in some fittingly painful manner? Surely even MS could not pay someone enough to lower themselves to such a point as to actually defend them after something as bad as this?

            I guess the reason you haven't ended your own life is evident though - you obviously are seriously mentally deficient, which begs the question how did you escape from hospital?

  9. steamnut

    Bugs in Edge? Really?

    It defies belief that a "brand new" browser, aka Edge, has so many flaws less than a month from the release of Windows 10. It makes you wonder just how much of Edge was really a re-write / build from scratch. I'm thinking it shares a lot of IE's codebase hence the vulnerabilities.

    And to think that Vista was supposed to be the best tested OS ever.....

    1. Anonymous Coward
      Anonymous Coward

      Re: Bugs in Edge? Really?

      I just wish that Edge was more standards compliant: CSS3 allows you to set an image source with content:url("my.jpg") but not IE or Edge.

    2. TheOtherHobbes

      Re: Bugs in Edge? Really?

      >It defies belief that a "brand new" browser, aka Edge, has so many flaws

      No. It really doesn't.

      Meanwhile at Hobbes Towers we've just discovered that Wurd 2013 on Win 8/10 uses the same rendering engine as IE11, which means text looks like jagged crap.

      MS took out a feature that worked in Win 7 and replaced it with crap code that everyone who uses Wurd has to look at every day.

      That's how awesome MS is.

    3. Ken Hagan Gold badge

      Re: Bugs in Edge? Really?

      " It makes you wonder just how much of Edge was really a re-write / build from scratch."

      Where did you get that idea? I thought Edge was fairly clearly presented as "Starting from the IE codebase, we took out all the backwards compatibility hacks.". The idea is that it will then be easier to maintain the less-hacked-about codebase. I'm not aware of anyone claiming that it was a completely new engine. (As you hint, given previous and completely discredited claims of a "total re-write" regarding Windows itself, any such claim for Edge would have been laughable.)

  10. something_or_another

    Every one of these has one thing in common .....

    Shitty devs!! Go ahead and start your thumb-downs, whatever! When are these asshats gonna be let go...... or the hiring managers?

    These bottom feeders continue to put everyone at risk .... they get their check then check out. Not an ounce of pride of ownership. Case in point .... I was told we still use flash because "HTML5 is too hard." Yeah, too hard .... as they use Slack to access Jira so they don't have to VPN. FIRED - 2 PEOPLE ..... the person that chose to pay for Slack, and the fuck that chose to spend the time to integrate Slack + Jira instead of fixing the critical vulns that have been pointed out .... that they don't understand. But no!!! "We appreciate their creativeness. " What the fuck ever!

    1. Antonymous Coward
      Thumb Up

      Re: Every one of these has one thing in common .....

      Fine rant!

  11. Anonymous Coward
    Anonymous Coward

    I suggest

    That "goat" devices be deployed which appear to contain vulnerabilities and interesting-but-useless information such as credit *s with limited funds and dummy datasheets, spreadsheets etc.

    Should be possible to emulate a typical out of date patched Windows b0xen on an Arduino and this could log number of attacks on a small display for training purposes etc.

    1. Anonymous Coward
      Anonymous Coward

      Re: I suggest

      They are called honeypots, anon.

      However, these too need maintenance. I suppose even more than the real stuff.

      The sad real-life situation is that even the real stuff does not get the maintenance it needs ("You need to maintain this server? But Microsoft is issuing patches regularly, what do you need to do? Don't be a weasel!")

      1. Anonymous Coward
        Anonymous Coward

        Re: I suggest

        They are called honeypots, anon.

        That's a later development. It sort of started with Fred Cohen's Deception Toolkit (DTK), created just before we got distracted by Y2K. The DTK does more or less what the OP described.

        I find it useful to go back to origin of ideas, because you find that later developments tend to cherry pick aspects of it and discard others that may have value in their own right.

        An example of that is referring to the novel "1984" where what you really ought to do is go back to the whole Jeremy Bentham "panopticon" theory, because you then also pick up that this is about advanced, long term mental manipulation and, more importantly, that that idea was meant for prisoners...

        1. Anonymous Coward
          Anonymous Coward

          Re: I suggest

          Alas, we're all prisoners...

          1. earl grey Silver badge
            Thumb Up

            Re: I suggest

            I am not a number. I'm a free man!

            1. Measurer
              Joke

              Re: I suggest

              I'm an instantiated object...

          2. Fred Flintstone Gold badge

            Re: I suggest

            Alas, we're all prisoners...

            At least it's not my own device..

  12. Compression Artifact
    WTF?

    After 15 minutes spinning its wheels in "checking for updates" mode apparently doing nothing I was starting to get a little concerned, since this was an all-time record. But after another 15 minutes it finally got on with it.

    1. Richard Jones 1
      Unhappy

      I thought that the mind numbing sloth was just a Vista update thing, Windows 10 was slow in the early morning but not glacial but I see a Win 7 machine waiting, waiting, waiting but not getting anywhere at the moment. I slightly suspect that they are queuing machines as the download itself is not too terribly slow once you get the list of updates. Interestingly, on a windows 7 machine the only update ticked was the one for Windows 10. I had to make a manual 'tick all' and remove the windows 10 tick to preserve user sanity and domestic peace.

      The Windows 10 update fails anyway unless run from media not the download.

    2. Fatman Silver badge
      Joke

      WindblowZE Updates.....

      <quote>After 15 minutes spinning its wheels in "checking for updates" mode ....</quote>

      Which is one thing I really like about the Synaptic Package Manager. You can get it to show the progress of both the download, and the application of the packages (should you choose to do so) in an attempt to be assured that your b0x isn't frozen.

      Can't say that about WindblowZE.

  13. J J Carter Silver badge
    Big Brother

    That USB one was requested by GCHQ/NSA for when they took your laptop at airport securidee theatre to 'swab for explosives'

  14. DerekCurrie Bronze badge
    Holmes

    35 CVEs patched in Adobe Flash and AIR

    "Adobe has posted an update to fix 34 CVE-listed vulnerabilities in Flash Player."

    Nope. 35 CVEs. I counted twice, just to be sure. Only two of them currently have descriptions up on Mitre.org. But Adobe provides a list of general problems and associated CVEs in their new Flash/AIR security bulletin:

    https://helpx.adobe.com/security/products/flash-player/apsb15-19.html

    1. Anonymous Coward
      Anonymous Coward

      Re: 35 CVEs patched in Adobe Flash and AIR

      Well that's good news. One fewer for next week. :-|

  15. This post has been deleted by its author

    1. werdsmith Silver badge

      If your over-active imagination allows you to enjoy gloating, then more power to your over-active imagination.

      1. Will Godfrey Silver badge
        Unhappy

        Furthermore

        I might give a sigh of relief when some other OS gets attacked, but I'd never gloat. It's not the lump of hardware that suffers, or even the vendors. It's the ordinary people who have no way of defending themselves.

        1. This post has been deleted by its author

          1. Mark 65 Silver badge

            Re: Furthermore

            And that choice may well suit you. However, some of those others may have made that decision because they need to use a certain software package that only runs on Windows - I've heard there's a few.

          2. werdsmith Silver badge

            Re: Furthermore

            I'm gloating because I made the correct and educated choice which has saved me from a large percentage of such headaches over the last decade or so.

            You are imagining headaches and people running around like crazy.

            In real life, these type of events are frequent enough that there are well established processes for dealing with them and they are taken comfortably in stride. It's virtually a non event.

            If people can't handle these things easily then they are incompetent and just having OpenBSD isn't going to help much.

    2. Anonymous Coward
      Anonymous Coward

      "Whilst you lot are all running around like crazy trying to secure your machines, I'm sitting here relaxing in front of four OpenBSD boxes that don't run flash."

      I really misread that. I thought you were complaining that your OpenBSD boxes didn't flush.

      1. Kiwi Silver badge
        Joke

        @AC

        I really misread that. I thought you were complaining that your OpenBSD boxes didn't flush.

        Maybe he meant that their performance was crap?

        Note the icon - I know I started out to run BSD for my first server but somehow ended up with Debian, can't remember why. I've never actually run BSD but I do expect that it would be an experience that would have me (again) scratching my head and saying "why do people still run that MS shiteware?"

  16. Anonymous Coward
    Anonymous Coward

    Would simpler CPU's be less powerful? Would simpler OS's make life difficult for the user?

    I thought the Z80 with 55 thousand transistors was a complicated enough design. I wonder if it would be possible 64 bit CPU that used only 250,000 transistors and had simple floating point or Unum. http://insidehpc.com/2015/03/slidecast-john-gustafson-explains-energy-efficient-unum-computing/

    I always want to do things the simple way but everyone else is up for flowery elaboration. I can't win!

    1. Anonymous Coward
      Anonymous Coward

      "I always want to do things the simple way but everyone else is up for flowery elaboration. I can't win!"

      Likewise!

      I fancy the "flowery elaboration" is always an avaricious ruse.. management consultants, web appliance engineers, lawyers, sanitary apparatus engineers, politicians...

  17. Robert Ramsay
    Happy

    Thank you for this useful service

    Please can you do this list every Patch Tuesday? It's really good to see the list of fixes without having to go back and forth to Microsoft's KB for each one.

    1. Hargrove

      Re: Thank you for this useful service

      Well bloody f#@King hell!

      First, I second RR's sentiment in spades. We cannot fight what we cannot see. Situational awareness is a first essential step.

      The broader issue is that the background update process goes on continuously, from multiple vendors. At least some of these, according to the information the third party vendors provide, may include bug fixes and updates unrelated to the security vulnerability fix. The code is considered proprietary.

      The bottom line is that the users, including large entities who operate ISP/Hosting services, government data bases and now the everlovin' f--ing cloud, have no visibility into what the actual system configuration looks like and what the code actually does.

      Security demands situational awareness. And we have none.

      Problems often present in that worst of forms. . . intermittent.

      I live in a third world county in Virginia, USA, and am limited to satellite internet. The closest nodes in the internet are in the Richmond--DC--Baltimore corridor. And, I'm using W8.1 What could possibly go wrong.

      I spent the better part of a day earlier this week trying to track down why nine out of ten of my e-mails were timing out on the outgoing server. The answer from my ISP was, we know there's a problem, we just haven't been able to track it down. I know of a similar situation with a DoD site. It refuses to deliver pages to certain users. The service desk has been able to confirm that these users have authorized access that the system is recognizing and accepting. The answer--we know this happens for some number of users, we don't know why. In this case, reality rises to bite us in the butt. The guv needs for a contractor to fix the problem. There is no contract.

      In the meantime, users get to piss away countless hours and money trying to troubleshoot problems that may, or may not, be on their system.

      As a user, with a lot of history but waning chops in this technology, I find this insane.

      For the Register, we of British heritage, are a proud lot. Please speak (or write) the language. Just because some fumble fingered jackass makes a typing error, doesn't mean that it needs to be adapted as the queen's English. All the jargon and geek (or in this case leetspeak) does is force us crotchety old men to look the damned term up. The technical jargon that is over my head, I don't mind. Smarter folks than I are communicating important things to one another. But pwn? Olease!

      NB. pwn may, in fact, not be due to fumble fingers. The writer may be stuck with the version of the MS ergonomic keyboard I'm using--which for my convenience has changed the size and repositioned keys relative to the MS ergonomic keyboard it replaced.

      It is to weep.

      1. Anonymous Coward
        Anonymous Coward

        Re: Thank you for this useful service

        We cannot fight what we cannot see, Situational awareness is a first essential step.

        Not if you're Microsoft. If it was too visible just how much patching is happening it is possible you could be motivated to search for alternatives, and executives would look stupid for making that choice. Especially the latter admitting they made a mistake is what keeps Windows firmly entrenched, so don't expect any help soon to make it easier to identify the costs and threat to your company.

        1. Pascal Monett Silver badge

          Re: "admitting they made a mistake is what keeps Windows firmly entrenched"

          Sorry, but I cannot agree.

          What keeps Windows so firmly entrenched is the fact that 95% of the market have been using it since it started, and are so used to it that they cannot change. That is why TIFKAM was such a disaster - it went against user habits.

          It is for that reason that Microsoft keeps so strongly away from "rebuilding from scratch". The only thing that keeps Microsoft on the market is the fact that their OS remains compatible with legacy applications.

          The day that compatibility dies is the day Microsoft folds, because companies - especially the Fortune 1000, are very ready to change for a free OS if they have no choice. So Microsoft stays compatible with legacy so as to give them no choice.

      2. Anonymous Coward
        Anonymous Coward

        Re: Thank you for this useful service

        >I live in a third world county in Virginia...

        Arlington?

        Do you lurk among us for pleasure or professionally?

  18. Michael Habel Silver badge

    So did kb3035583 make yet another comeback this month or did MicroSoft finally take the hint that I just don't want to see their nagware?

    1. Chika

      Microsoft take hints?

      Well possibly but only if they stand to lose actual money.

    2. Pascal Monett Silver badge

      Microsoft never takes hints.

      It only takes an entire market failure to the face.

      And I have a feeling another one is in the making.

  19. jobi1

    Ahhh, Swiss Cheese™ springs to mind.

    Anyone fancy a slice?

    1. Antonymous Coward
      Gimp

      "Anyone fancy a slice?"

      About 95% of the market. Apparently.

  20. James Pickett

    "targeted attacks against customers"

    as opposed to..?

  21. Nunyabiznes

    Nobody has brought up the fact that if someone nefarious has physical access to your computer you are pwned. I don't care what bandwagon OS you are trumpeting on about, if you don't have physical security you sure don't have electronic security.

    1. Anonymous Coward
      Anonymous Coward

      "Nobody has brought up the fact that if someone nefarious has physical access to your computer you are pwned. "

      Not if the PC runs Windows with Secure Boot and Bitlocker with Microsoft recommended settings for a domain member, and is powered down when not in use. No known way round that so far.

      1. Kiwi Silver badge
        Linux

        Not if the PC runs Windows with Secure Boot and Bitlocker with Microsoft recommended settings for a domain member, and is powered down when not in use. No known way round that so far.

        Hmm.. Secure boot.. You mean that thing that Lenovo has recently shown is broken beyond belief, because windows will bend over and take any code loaded in the right place in the BIOS without so much as a cursory AV check before execution?

        Haven't tried Bitlocker yet (and never will), but given MS's past approaches to security I am quite certain that someone soon will find that a) there is a hard-coded backdoor and b) the key to that backdoor is "passw0rd". Probably a secondary backdoor in case the first one fails - "12345".

        As to the "domain" bullshit.. How many home users are set for that?

        Want security? Don't run Windows.

        I know I know.. Don't feed the trolls.. That reminds me, I'm fresh out of rat poison..

  22. F0rdPrefect
    Devil

    USB device = mobile phone?

    MS15-085: One CVE-listed flaw in Windows Vista through Windows 10 allows an attacker to gain administrator-level access if they plug in an evil USB device. "The vulnerability could allow elevation-of-privilege if an attacker inserts a malicious USB device into a target system. An attacker could then write a malicious binary to disk and execute it," according to Microsoft.

    So when a member of staff plugs their mobile into a secure PC on a secure network where IT are still testing if these patches are safe to install, one does wonder if the phone could have been converted into an evil USB device by the playing of some free game.

  23. R. Vail

    Most PC's allow booting directly from a USB thumb drive. So: as long as there's physical access to the machine, one could then boot Ubuntu (or whatever operating system) completely independent from the installed operating system, then copy over whatever files might be of interest. That's provided Bitlocker or other encryption has not been enabled.

    1. TheVogon Silver badge

      Bitlocker is enabled by default in Windows 10. Not with the most secure possible settings mind you, but it's still on which makes accessing a disk via booting from USB somewhat more challenging...

      1. Kiwi Silver badge

        Bitlocker is enabled by default in Windows 10. Not with the most secure possible settings mind you, but it's still on which makes accessing a disk via booting from USB somewhat more challenging...

        That's a bit of a stupid move from a data recovery POV. Is it clearly explained to users before being done that unless they have regular backups (which experience tells me less than 1% of computer users do) then they're all-but guaranteed to lose their data?

        I understand the reasoning behind full disk encryption[1], but forcing it on people could be a problem because users simply do not grasp the need for backups. They see machines run for year after year with few if any problems, they have no concept how quickly disks can fail when something does go wrong.

        I hope MS makes a decent effort to educate people about backups, and get a nice simple system back like that which was in XP, not sure on 7 but the one on 8 was nasty from a computer illiterate home user POV.

        [1]The servers that handle customer databases and other customer data/files are completely encrypted and as secure as we can make them. Outside of these and a few other things that handle people's data, I do not myself use any encryption. For most people it's simply another level of unnecessary complexity.

    2. werdsmith Silver badge

      "Most PC's allow booting directly from a USB thumb drive."

      Most PCs? Most domestic ones?

      I suppose if the admins had left the BIOS settings unprotected by password, and not disabled boot from devices other than C: then such an oversight would leave you open to more attacks than just this one.

      But I've not used a corporate PC that has that left open, or indeed not fully encrypted for years, it's near the top of the sysadmin to do list.
