Menu
Kim Kardashian Leaked Photos Backlash

Kim Kardashian Leaked Photos Backlash

Mazda Miata 2016 model revealed

Mazda Miata 2016 model revealed

The Sexiest Halloween Costumes of 2014

The Sexiest Halloween Costumes of 2014

Miley Cyrus New Butt Gets in Trouble with Law

Miley Cyrus New Butt Gets in Trouble with Law

Larry Ellison Steps Down as CEO of Oracle

Larry Ellison Steps Down as CEO of Oracle

1 Billion PCs At Risk As Windows Error Reporting Sends Reports In Clear

Jan 1 2014, 12:26pm CST | by , in News

 
 

This sounds like a remarkably alarming warning: as many as 1 billion networked PCs around the world are allegedly at risk because Windows Error Reportin (aka Dr. Watson) sends its report in the clear. And those reports do include machine tupe, OS, version of OS, which system packs have been installed and so on. All of the information that a hacker usually is interested in to see what tools, if any, he will need to be able to access the machine.

The warning comes from Websense:

Websense® Security Labs™ recently processed a sample data set from the Websense ThreatSeeker® Intelligence Network to investigate the security risk from popular applications and services. We determined enterprise and public sector networks are inadvertently leaking information, which could be used by a threat actor as intelligence to craft specific attacks and compromise networks.

One troubling thing we observed is Windows Error Reporting (a.k.a. Dr. Watson) predominantly sends out its crash logs in the clear. These error logs could ultimately allow eavesdroppers to map out vulnerable endpoints and gain a foothold within the network for more advanced penetration. Here’s more on why that’s a concern:

80 percent of all network-connected PCs use it – that’s more than one billion endpoints worldwide
Dr. Watson reports information that hackers commonly use to find and exploit weak systems such as OS, service pack and update versions
Crashes are especially useful for attackers since they may pinpoint a new exploitable code flaw for a zero-day attack
Information is also sent for common system events like plugging in a USB device/>/>/>

Now it is true that this information is hugely valuable to Microsoft and also to the rest of us. For it’s what is used to try and make the operating system, Windows, work better over time and given the number of us that still use it that’s a highly desirable outcome.

However, there are a number of problems with it being sent in clear. For a start, anyone gaining access to that flow of information obviously has a great deal of information about where Windows is currently failing. That’s a great start to finding the vulnerabilities and flaws that allow the design of exploits.

It’s not entirely simple to gain access to that error reporting traffic but it most certainly can be done with a variety of man in the middle methods. Or, more importantly, if, just as an example of something unlikely, a spy agency had fibreoptic links into the backbone it could deliberately sniff for such traffic. And this would give it a lovely database of those machines that haven’t been updating their service packs and thus have known vulnerabilities.

It’s a rather large and gaping hole that much of this traffic is moving unencrypted. Websense don’t suggest not sending the reports of course: the improvements that come from the information are too valuable for that. However, they do suggest that computers on any network should be sending their reports to a local server, within the network, there to be encrypted before being sent off to Microsoft.

Source: Forbes

You Might Also Like

Updates

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Former Titan Rob Bironas, Terry Bradshaw&#039;s son-in-law, died Saturday night
Former Titan Rob Bironas, Terry Bradshaw's son-in-law, died Saturday night
Former Tennessee Titan Rob Bironas died Saturday night after a single-car wreck. Terry Bradshaw missed FOX Sports coverage of the NFL on Sunday afternoon.
 
 
Music Midtown 2014 Blasts Through Piedmont Park
Music Midtown 2014 Blasts Through Piedmont Park
Music Midtown's one of Atlanta's biggest concerts and festivals and this year the stars came in droves. Eminem headlined while Jack White, John Mayer, Iggy Azalea, and Lorde all made their mark.
 
 
Upcoming &#039;Bond&#039; Film To Begin Filming In December
Upcoming 'Bond' Film To Begin Filming In December
Main villain to be physically imposing character.
 
 
Rihanna Leaked Photos also Found In latest Hacker Scandal
Rihanna Leaked Photos also Found In latest Hacker Scandal
This weekend another big leak of private celebrity photos has hit the web. First time victims Kaley Cuoco and Jennifer Lawrence are hit again and now reports surface that Rihanna's private photos are also among the leak pics.
 
 
 

About the Geek Mind

The “geek mind” is concerned with more than just the latest iPhone rumors, or which company will win the gaming console wars. I4U is concerned with more than just the latest photo shoot or other celebrity gossip.

The “geek mind” is concerned with life, in all its different forms and facets. The geek mind wants to know about societal and financial issues, both abroad and at home. If a Fortune 500 decides to raise their minimum wage, or any high priority news, the geek mind wants to know. The geek mind wants to know the top teams in the National Football League, or who’s likely to win the NBA Finals this coming year. The geek mind wants to know who the hottest new models are, or whether the newest blockbuster movie is worth seeing. The geek mind wants to know. The geek mind wants—needs—knowledge.

Read more about The Geek Mind.