Windows 10 S
June 27, 2017
Shah Sheikh (1294 articles)
Share

Windows 10 S

Windows 10 S, a latest version of Windows unveiled by Microsoft at the 2017 Developer Conference and primarily focused towards schools and the education sector. The operating system does not allow any applications other than those installed from the Windows Store to be on the system and is an additional step taken by Microsoft to enhance security.

Microsoft also claimed that the operating system cannot be attacked by any ransomware. To prove this, ZDNet hired a security firm to check if that is possible.

Attack

The security researcher had no access to the Command Prompt or Power Shell due to Windows Store applications on the system only. The researcher created a macro-based Word file and opening the file allowed him to launch a reflective DLL injection attack thus allowing him to bypass the Windows Store restriction since Word itself is available on the Store.

The file was then downloaded via a network share because if you download the file from the internet or an email, the macros on the file are disabled.

Windows S

After downloading the file, he downloaded the payload using Metasploit and connected the OS to his C&C server thus giving him remote access to the PC and allowing him to install ransomware on the system.

More details can be found here.

Source: http://www.zdnet.com/article/microsoft-no-known-ransomware-windows-we-tried-to-hack-it/