Tuesday, March 15, 2016

Windows 10 installs itself on your computer without your permission

Microsoft's aggressiveness is starting to worry even its defenders: Windows 10 is installing itself on computers without the owners' permission, hiding behind a security update. We'll expand on this news and look at a video in which a thief converts a store card reader into a "skimmer". We'll also talk about a study which reveals that the majority of vulnerabilities detected with scanners are false positives, and we'll finish with an interesting macro virus.

According to dozens of affected users on Reddit, Microsoft is reportedly updating computers running Windows 7 to Windows 10 automatically. The update reportedly happens without the user's permission, even with the automatic updates option disabled. A reminder for those who don't like the new system: they have 30 days to go back to the previous version.

The switch

But the truly shameless ones are these people: Miami Police have published a video showing two thieves in a fuel station. One of them distracts the employee while the other gets access to the card reader and installs a "skimmer" to collect the credit card numbers and the password keys stored in the device. The "operation" takes only 3 seconds, proving the criminals are highly skilled.

89% false positives

From here we go to the other side, to the "good guys" who try to defend us from cybercrime. At the NullCon convention, an NCC Group researcher presented a study made with automated vulnerability detection scans. The result is surprising: the average false positive rate was 89%, and the best result was 50%.

Selective malware

We finish with another interesting analysis, from Palo Alto Networks, of a macro virus that is spreading. PowerSniff uses Microsoft's PowerShell to install itself directly in memory and doesn't leave a footprint. Once inside, it scans the computer for keywords, searching for evidence that it is on a financial institution's system. If it detects that it is on a school, hospital or security expert's computer, it doesn't activate.

These viruses are getting smarter and smarter!


