Microsoft's latest version of Windows 10, Windows 10 S, is billed as a much more secure version of the operating system — largely owing to its locked down nature. The OS can only run apps that have been vetted and allowed on the Windows Store, leading Microsoft to declare that "no known ransomware" runs on it. The folks at ZDNet decided to test that claim, and the results were pretty interesting.
After setting up a new Surface Laptop with Windows 10 S and installing the latest security updates, ZDNet contacted security researcher Matthew Hickey of Hacker House to see if he could bypass the Laptop's security. Remarkably, despite the inability to use common scripting tools available in full versions of Windows, Hickey was able to find a way in using a novel vector: Microsoft Word macros. From ZDNet:
Fortunately, the report points out, a "protected view" kicks in with documents downloaded from the internet or via email, blocking macros from running. Hickey was still able to run the macros by downloading a file from a network share, which Word treats as a trusted location. Doing so still requires macros to be manually enabled, however. ZDNet continues:
Hickey stopped short of installing ransomware, but system level access would allow him to do things like turn firewalls on and off, or tamper with system files. When reached for comment by ZDNet, Microsoft reaffirmed its stance that Windows 10 S isn't vulnerable to any known ransomware, stating:
On its face, the test looks troublesome, but it is worth considering the number of steps and social engineering involved would seemingly make an attack through this particular vector unlikely. But while Windows 10 S is much more locked down, and subsequently more secure, it's worth keeping in mind that, as ZDNet puts it, "nothing is unhackable."
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.