Contact Us! 469-272-0777

LiveZilla Live Help
 

AspireTech Blog

AspireTech has been serving the Mansfield area since 1999 , providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How 2 Keystrokes Can Bypass the Security of Windows

How 2 Keystrokes Can Bypass the Security of Windows

Usually, when a troubleshooting feature is put in place, it is meant to assist the user in resolving an issue. However, one such feature in Windows 10 could ultimately lead to more problems, as it also can serve as a free-ride vulnerability for an opportunist bystander.

Security expert Sami Lailo discovered that if someone keys in Shift + F10 during a ‘Feature Update’ in Windows 10, they are able to access a Command Prompt window with Admin privileges. Compounding this with the fact that Microsoft updates disable BitLocker while they are in progress, means that someone could feasibly access the hard disk without the aid of any external device.

If that someone happened to be ill-intentioned, they could potentially wreak havoc through the command-line interface. Admittedly, the perpetrator would have to move quickly, but if they had come in with a plan and the foreknowledge of a Feature Update being implemented, they would have plenty of time to do what they had come to do.

Lailo reached out to Microsoft, and the company is now working to resolve this issue.

The current fix? Don’t leave an updating workstation unattended, despite the long periods of time updates can sometimes take.

Once Microsoft releases a patch, businesses and organizations will want to apply it. Keep in mind, any AspireTech clients on our managed services will have the update applied once it is tested. Give us a call at 469-272-0777 to learn more.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 09 August 2020
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

QR-Code

Tag Cloud

Security Tip of the Week Technology Best Practices Cloud Business Computing Network Security Hosted Solutions Privacy Productivity Hackers Email Innovation Efficiency Malware Backup Internet Mobile Devices Data VoIP Google Business Workplace Tips Data Backup Microsoft Data Recovery Hardware IT Support IT Services communications Software Disaster Recovery User Tips Outsourced IT Managed IT Services Cybersecurity Smartphones Business Continuity Phishing Communication Productivity Computer Internet of Things Small Business Cloud Computing Collaboration Upgrade Network Android Saving Money Managed IT Services Miscellaneous Browser Server Gadgets Business Management Smartphone Tech Term BDR Windows Mobile Device Automation IT Support Artificial Intelligence Save Money Ransomware Windows 10 Chrome Social Media Cybercrime Users Office Passwords Windows 10 Quick Tips Mobility BYOD Microsoft Office Virtualization Holiday Computers Managed Service Bandwidth Facebook Managed IT Employer-Employee Relationship Mobile Device Management Information Networking Training Office 365 Windows 7 Social Engineering Spam Telephone Systems Encryption Avoiding Downtime Recovery Data Security Information Technology Blockchain Mobile Office Wi-Fi Managed Service Provider Remote Monitoring Operating System Firewall Router How To Remote Work Mobile Computing Applications Two-factor Authentication Compliance Data Breach Wireless History Paperless Office Government Gmail VPN Business Technology Software as a Service App Settings Proactive IT Vendor Management Redundancy Big Data Apps Telephone System Private Cloud Help Desk Website Human Resources Application Patch Management Data Storage Alert Health Business Intelligence Money Meetings Mouse Budget Access Control Hacking Word Data Protection Servers File Sharing Lithium-ion battery The Internet of Things HIPAA Law Enforcement WiFi Marketing Hacker Education Machine Learning Manufacturing Voice over Internet Protocol Managed Services Provider Identity Theft Apple Downtime Data Management Staff Vulnerability Bring Your Own Device Virtual Private Network Remote Computing User Error Infrastructure Display IT Management Risk Management Analysis Document Management Google Drive Office Tips Biometrics Employee/Employer Relationship Sports Connectivity Robot Work/Life Balance OneNote Safety Retail Telephony Healthcare CES Virtual Assistant Update Smart Tech Keyboard Data loss SaaS Digital Signage YouTube GDPR Black Market Saving Time Fax Server Cables Google Docs USB Content Management Spam Blocking Covid-19 Procurement Environment Content Filtering HaaS Solid State Drive Network Congestion Wireless Technology Humor Cleaning Printers Credit Cards Professional Services eWaste Data storage IT solutions Virtual Reality Scam Streaming Media Processor Fraud Value Windows Server 2008 Audit Vendor Entertainment Shadow IT Password Project Management Hard Drive Social Business Owner Running Cable Regulations Workers Going Green Cryptocurrency Botnet Internet Exlporer Comparison IT Plan Save Time DDoS Public Cloud Augmented Reality Unsupported Software Hard Drives Knowledge Flash Emails Remote SharePoint Touchpad Administrator Smart Devices Evernote Shortcut Recycling Excel Distributed Denial of Service Smartwatch Using Data PDF Business Cost Managing Stress Remote Worker Remote Maintenance Millennials Devices Software Tips Memory IT Consultant Sync Instant Messaging Webinar Video Conferencing Microchip Virtual Machine Customer Relationship Management Wireless Charging Students Criminal Database IoT Root Cause Analysis Employee Window 10 Best Practice Digitize Wiring IT Infrastructure Programming Workforce Thought Leadership Physical Security Leadership IT solutions Supply Chain Management Antivirus Search Engine Hypervisor Customer Service Fiber-Optic Distribution iPhone Operations IT Assessment Bluetooth IT service Investment Telecommuting Content Filter Charger Skype Managed Services Bing Electronic Health Records Logistics Analyitcs Insurance Hosted Solution Screen Mirroring IaaS Files Google Search Projects OneDrive Domains NarrowBand E-Commerce ROI Storage Unified Threat Management HBO webinar Start Menu Unified Communications Practices Cast Colocation Net Neutrality Computing Uninterrupted Power Supply Copiers Camera Twitter Computer Care Frequently Asked Questions Conferencing Mobile Windows 10s Peripheral Shortcuts Employee/Employer Relationships Theft HVAC Biometric Security Multi-Factor Security Hosted Computing Science Computing Infrastructure ISP Fiber Optics Development Chromecast Windows Server 2008 R2 Addiction Samsung Tip of the week Quick Tip eCommerce Bitcoin Virtual Desktop Cortana Enterprise Content Management Trend Micro Proactive 5G Trending Inventory Windows 8 File Versioning Tech Support Messaging Cache Tools Digital Signature PCI DSS Outlook Batteries Google Apps Password Management Multiple Versions Shopping WIndows 7 Remote Monitoring and Maintenance OLED Bloatware Lifestyle Transportation Data Warehousing Tablet End of Support SMS Amazon Wireless Internet NIST Strategy Computer Fan Policy Wearable Technology Monitor Remote Workers Restore Data Social Network Line of Business Cabling Entrepreneur Authentication Internet exploMicrosoft Legal AI Warranty Azure Amazon Web Services Wire Password Manager FENG Procedure Security Cameras Managed IT Service Consultant Maintenance Backup and Disaster Recovery Printing MSP Default App Nanotechnology Tablets Advertising Current Events Contracts Laptop Printer RMM Social Networking Online Shopping Smart Office Business Mangement Safe Mode Travel Accountants FinTech Relocation Business Analytics Best Available Notifications Cryptomining Personal User Proactive Maintenance Specifications Electronic Medical Records