Hackers manage to unlock Windows RT tablets and run non-Windows OS
The latest Patch Tuesday update killed a major vulnerability that could have potentially let hackers unlock ARM-powered Windows RT tablets and install non-approved Windows programs. Fortunately for Windows RT tablet owners, Microsoft’s security engineers discovered this vulnerability before hackers exploited it.
The vulnerability would have allowed hackers to unlock the slab’s bootloader and load any operating system they wanted. Windows RT accepts only boot software cryptographically signed by Microsoft, which prevents users from running non-Windows OS on their RT tablets.
Many users have long been trying find a workaround to install Linux, Android and other OSs on their Windows RT tablet, to no avail. Apparently, they didn’t know where to look as it appears the vulnerability allowing them to do just that had been under their noses all the time.
A security feature bypass vulnerability exists when Windows Secure Boot improperly applies an affected policy. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, an attacker could bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.
To exploit the vulnerability, an attacker must either gain administrative privileges or physical access to a target device to install an affected policy. The security update addresses the vulnerability by blacklisting affected policies.
Windows RT has been a dying OS ever Microsoft decided to stop improving it. Mainstream support for the Surface RT is scheduled to end in 2017, while Windows RT 8.1 will be abandoned in 2018.
For more information about the content of the latest Microsoft Security Bulletin, check out Microsoft’s Security Page.
RELATED STORIES YOU NEED TO CHECK OUT:
- Companies are still relying on Windows Server 2003 with Windows Server 2016 knocking on the door
- Bing now offers malware and phishing warnings, protecting you better from threats
- Outdated Windows and IE versions still used by many companies, making malware attacks imminent
“A picture is worth a thousand words” is a popular English idiom and the quote perfectly describes digital marketing or marketing strategies in general that […]
While the winter arrives with the joy of Christmas, it also brings the freezing weather along. Of course, there’s the fireplace to warm you up, […]
Recent comments on Reddit would suggest that Microsoft is still not playing the game when it comes to collecting data on its users. This is […]