The security measures in Windows 10 S security are being questioned

Costea Lestoc By: Costea Lestoc
3 minute read

Home » News » The security measures in Windows 10 S security are being questioned

Security has always been a very important element when it comes to Microsoft and their Windows operating system. That being said, the tech giant has come out with an improved version of Windows 10 it calls Windows 10 S. Windows 10 S is claimed to be superior to the original in terms of security and for that reason, has drawn a lot of people in already.

One thing that needs to be said about Windows 10 S is that it doesn’t really like applications that don’t come directly from Microsoft’s Windows Store. What that means is that it will try and block all app installations if they come from other sources. It doesn’t even matter if they are native Win32 applications of if they were made for the UWP.

Microsoft is blocking access to important tools

Those thinking about using this version should also know that Microsoft is blocking access to some pretty important tools such as PowerShell, command prompt, and even the Linux subsystem. On top of that, some of the power user tools featured in Windows 10 are also unable to function.

What this all means is that Windows 10 S is a lot more limited in comparison with the original Windows 10. According to Microsoft, though, that’s what needs to be done for extra protection. It’s true that while all these features are disabled, the operating system is indeed a lot safer.

Security failure and the Desktop App Bridge dilemma

Even though all these harsh security measures do quite a bit to improve the overall security of Windows 10 S, it’s still not a flawless OS. In fact, it comes with one big loophole in terms of security, making the rest of its endeavors borderline useless: Microsoft is denying itself a completely secure OS through a feature they call Desktop App Bridge. What this feature does is it lets developers bring Win32 applications into the Windows Store. Obviously, this throws all the extra security previously obtained right out the door.

Testing the issues

Matthew Hickey from ZDNET went through a 3-hour long investigation in which he managed to get past Microsoft’s newly implemented defenses through a macro-based word file. The fact that this was possible shows that there is a big hole in the security-focused philosophy behind Windows 10 S. Here’s the detailed report on Hickey’s achievement as described by ZDNET:

“Hickey created a malicious, macro-based Word document on his own computer that when opened would allow him to carry out a reflective DLL injection attack, allowing him to bypass the app store restrictions by injecting code into an existing, authorized process.

In this case, Word was opened with administrative privileges through Windows’ Task Manager, a straightforward process given the offline user account by default has administrative privileges. (Hickey said that process could also be automated with a larger, more detailed macro, if he had more time.)”

RELATED STORIES TO CHECK OUT:

Join our community
windows report logo

Join our community of over 2 million active users and get the latest and most important Windows content on your email address.

Discussions

Next up

Google Chrome is unresponsive, relaunch now [Fix]

Milan Stanojevic avatar. By: Milan Stanojevic
11 minute read

Google Chrome is unresponsive, relaunch now message can appear in Chrome usually when you try to open a link. This error will force you to […]

Continue Reading

Xbox Wireless Controller error code 10 in Windows 10 [Fix]

Ivan Jenic By: Ivan Jenic
3 minute read

Windows 10 is the most versatile operating system in the world as Microsoft designed it to work with the high variety of peripherals and other […]

Continue Reading

How to fix video streaming problems in Windows 10

Elsie Otachi By: Elsie Otachi
11 minute read

Video streaming problems may occur due to several factors including Internet speed and the type of media player you’re using. If you’re experiencing video streaming […]

Continue Reading