Jump to content
  • Microsoft demoes hacker attacks on PCs with no TPM, VBS, and more

    aum

    • 997 views
    • 2 minutes
     Share


    • 997 views
    • 2 minutes

    Microsoft's new Windows 11 has a ton of security-based features baked into it like Trusted Platform Module (TPM 2.0), Virtualization-based Security (VBS), and more, which - much to the annoyance of certain users - have lead to some strict system requirements. While they were still present in Windows 10, they weren't however enforced on users unlike now in Windows 11.

     

    The company though has defended its position and recently, David Weston, Partner Director of Enterprise and OS Security at Microsoft, explained why these features have played a key role in ensuring a secure experience for Windows 11 users.

     

    1633938581_windows_11_security_story.jpg

    Not just that but the firm also presented a video demo - starring Weston - that shows how potential hackers could easily gain access to such vulnerable machines that don't have these features. The video shows how hackers can gain control of a vulnerable device both remotely or locally to infect such systems with malicious payloads like ransomware or steal user authentication data. The video is meant to really drive the point home that such features are indeed crucial for a secure Windows 11 environment.

     

    The first part of the video shows the successful exploitation of a vulnerable open remote desktop protocol (RDP) port to gain administrator access and distribute mock ransomware on a Windows 10 PC that didn't have TPM 2.0 and Secure Boot enabled.

     

    After that, Weston demonstrates local exploitation of the user login via fingerprint authentication process on a PC without VBS. A PCILeech was used to gain access to the memory on the vulnerable system and modify the biometric authentication code that can let a potential attacker bypass the biometric authentication process.

     

    You can watch the full video and find more details in the source link below.

     

    Source: Microsoft Mechanics (YouTube)

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...