A critical vulnerability in Windows 11 allowed attackers to escalate from a low-privileged user to full system administrator rights in just 300 milliseconds.
Sounds like a quicker way to login to me. What’s the downside?
Before you answer “security”, need I remind you that Windows has to my knowledge not ever been secure, unless you count when it’s still on the installation media and not yet inserted into the machine … yes, I too have used packs of Windows floppy disks in the past. I might still have a few hundred in a drawer somewhere.
9x was not secure. User credentials were only used to load a user profile, but there was no functionality to deny access to anything, and you did not need to log on with credentials.
NT and 2000 forward have been secure®, with actual permissions (file/folder, registry, services, etc) applied to user accounts.
Much of the crying about windows not being secure stems from people using admin-level accounts to do day-to-day things, and then getting tricked into clicking things they shouldn’t. Microsoft kind of mitigated this with UAC prompts, but the everyday user is “annoyed” by those, so people figure out how to turn UAC off, or just blindly click through the warnings. Hell, remember when the first UAC prompts out of Vista were “so annoying” that Microsoft had to scale back their frequency, because people didn’t like it?
This particular security situation is not any of the above. It stems from an actual code exploit. Which, by my reading, has been fixed?
Anyway - a vast majority of the “Windows is not secure” is a direct result of users running as root. Which you can do on any operating system.
To me it just sounds llike someone’s never hardened an enterprise and locked down windows machines effectively through cis alignment and some normal suite of tools, xdr, etc.
It’s easy to pick on windows because of Microsoft decisions over the years, but it’s also not impossible to lock it down effectively.
Sounds like a quicker way to login to me. What’s the downside?
Before you answer “security”, need I remind you that Windows has to my knowledge not ever been secure, unless you count when it’s still on the installation media and not yet inserted into the machine … yes, I too have used packs of Windows floppy disks in the past. I might still have a few hundred in a drawer somewhere.
9x was not secure. User credentials were only used to load a user profile, but there was no functionality to deny access to anything, and you did not need to log on with credentials.
NT and 2000 forward have been secure®, with actual permissions (file/folder, registry, services, etc) applied to user accounts.
Much of the crying about windows not being secure stems from people using admin-level accounts to do day-to-day things, and then getting tricked into clicking things they shouldn’t. Microsoft kind of mitigated this with UAC prompts, but the everyday user is “annoyed” by those, so people figure out how to turn UAC off, or just blindly click through the warnings. Hell, remember when the first UAC prompts out of Vista were “so annoying” that Microsoft had to scale back their frequency, because people didn’t like it?
This particular security situation is not any of the above. It stems from an actual code exploit. Which, by my reading, has been fixed?
Anyway - a vast majority of the “Windows is not secure” is a direct result of users running as root. Which you can do on any operating system.
To me it just sounds llike someone’s never hardened an enterprise and locked down windows machines effectively through cis alignment and some normal suite of tools, xdr, etc.
It’s easy to pick on windows because of Microsoft decisions over the years, but it’s also not impossible to lock it down effectively.