Jump to content
Login new information ×
Login new information

Windows Error Reporting could leak data that hackers can exploit

Reefa

By Reefa
in Security & Privacy News

 Share

Recommended Posts

Reefa

Reefa

Posted
Posted

Research carried out by Websense Security Labs shows that data sent from computers through Microsoft Error Reporting could be intercepted by hackers and used to formulate an attack. The problem stems from the fact that crash reports are transmitted in a very easily interpreted form, and they can contain quite detailed information about the systems from which they were sent -- information that could be easily exploited by a hacker.

microsoft_logo_3_13.jpg

The research points out that while the sending of error reports to Microsoft in the event of a system or application crash usually requires user confirmation, there are instances when data is transmitted without any user interaction. For example, when a new USB device is connected, details of the device as well as information about the host computer such as the version of Windows that is in use, what Service Packs are installed, BIOS version number and much more.

This may seem like fairly innocuous data, but for a hacker targeting a large corporation, it is invaluable. It makes it possible to pinpoint weaknesses in a network, target known security holes and more. The frequency at which error reports may be generated means that it would be very easy for a potential hacker to build up a detailed picture of a company's network.

As Websense points out, "crashes are especially useful for attackers since they may pinpoint a new exploitable code flaw for a zero-day attack."

This is obviously going to be of concern to any business, but there are steps that can be taken to help minimize the risks:

"Websense recommends that organizations set group policies (when possible) to force encryption on all telemetry reports and periodically audit their own network and applications for inadvertent leaking of information with security implications."

We have reached to Microsoft for comment, but we're yet to receive a response. We'll update this post as soon as we hear back.

Source:http://www.winbeta.org/news/windows-error-reporting-could-leak-data-hackers-can-exploit

Link to comment
Share on other sites
  • Replies 6
  • Views 1.4k
  • Created
  • Last Reply

Top Posters In This Topic

  • SPECTRUM

    2

  • Reefa

    2

  • geeteam

    2

  • Yorel

    1

Popular Days

Top Posters In This Topic

Popular Days

geeteam

geeteam

Posted
Posted

haha... funny enough, i don't even remember the last time i enabled that feature on my PC. I dont need to send error reports to Microsoft. I can solve my own problems kind curtesy Nsaneforums .

Link to comment
Share on other sites
Yorel

Yorel

Posted
Posted

haha... funny enough, i don't even remember the last time i enabled that feature on my PC. I dont need to send error reports to Microsoft. I can solve my own problems kind curtesy Nsaneforums .

Me too, I never send a report when I can't control what type of information I'm sending.

Link to comment
Share on other sites
SPECTRUM

SPECTRUM

Posted
Posted (edited)

haha... funny enough, i don't even remember the last time i enabled that feature on my PC. I dont need to send error reports to Microsoft. I can solve my own problems kind curtesy Nsaneforums .

for this reasons some bugs/issues take more time to be fixed, and later people complain why is not fixed more fast.

you should consider that more people could have similar troubles and having no idea about how fix it, and for these reasons sending reports is important, and not only in Windows, that function is present in others software too, like Firefox telemetry options.

so if you have this options available, make sure you have it enabled, may be that option is not useful for you, but is totally useful for the developers to solve these bugs/issues more fast for the rest of users, specially because these reports have more precise data, like debug logs of crashes, memory leaks, cpu usage, etc.

Edited by SPECTRUM
Link to comment
Share on other sites
Reefa

Reefa

Posted
  • Author
Posted

haha... funny enough, i don't even remember the last time i enabled that feature on my PC. I dont need to send error reports to Microsoft. I can solve my own problems kind curtesy Nsaneforums .

for this reasons some bugs/issues take more time to be fixed, and later people complain why is not fixed more fast.

you should consider that more people could have similar troubles and having no idea about how fix it, and for these reasons sending reports is important, and not only in Windows, that function is present in others software too, like Firefox telemetry options.

so if you have this options available, make sure you have it enabled, may be that option is not useful for you, but is totally useful for the developers to solve these bugs/issues more fast for the rest of users, specially because these reports have more precise data, like debug logs of crashes, memory leaks, cpu usage, etc.

Read this it's in more detail..http://www.nsaneforums.com/topic/200457-unencrypted-windows-error-crash-reports-a-treasure-for-nsa-hackers-alikein-more-detail/

Link to comment
Share on other sites
geeteam

geeteam

Posted
Posted

I completely understand you guys; I know what it take to submit a report but i have one Big Question


Does Microsoft Check for Windows Legitmacy When You Submit An Error Report?


Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...