Skip to main content
  1. Home
  2. Computing
  3. News

Windows 10 S succumbs to attack via Word macro-based malware

By

Windows 10 S restrictions
Image used with permission by copyright holder
Microsoft produced its reduced-functionality version of Windows 10, dubbed Windows 10 S, for a few reasons. For one, it locks down app installs to the Windows Store and limits what users can do with the OS, and thus it’s easier to manage in restricted environments like educational institutions.

Another important reason is that by locking down various administrative tools and ensuring that only apps that have gone through the Windows Store vetting process, Windows 10 S should be more secure. That’s an important claim that deserves its own vetting, which is exactly what ZDNet did in a recent report.

Recommended Videos

In order to verify if Windows 10 S is actually safe from attack, ZDNet enlisted security researcher Matthew Hickey to see if he could get past the hurdles the OS places in front of hackers. After just over three hours of work, Hickey was able to break through Windows 10 S’s security features and install an illicit payload.

Related

Interestingly, it wasn’t Windows 10 S that was vulnerable to Hickey’s attack. Rather, it was Microsoft Word, which by itself has demonstrated its own vulnerability to attack because of its macro functionality. The version of Word that’s available in the Windows Store is capable of running macros, and that’s precisely the vector that Hickey used to break into the Surface laptop used for the test.

In addition, the attack didn’t involve the OS merely being hacked. Hickey injected a piece of malware into a macro-based Word document and loaded it from a local trusted network. That bypassed Office’s Protected View, which would have more explicitly blocked it if downloaded from the untrusted internet. However, Word still required Hickey to click on the “Enable Content” banner at the top of the Word document in order for the malware to execute and infect the system.

In spite of the fact that Windows 10 will not run the command line interface or the PowerShell, the malware was still able to grant Hickey administrator access to the machine and remotely control the machine from a cloud-based command and control server. Essentially, he was able to take complete control over the test system.

It’s important to note that running the Word macro did require user intervention, and so Windows 10 S was nevertheless more locked-down. For its part, Microsoft stands by its “no ransomware” statement regarding Windows 10 S, and the attack is likely not as much an indictment of Windows 10 S as it is of Microsoft Office’s macro functionality, which has been the source of other attacks. Perhaps most important, it reinforces the need for all of us to remain diligent with our systems, avoiding unsafe content when we can and never allowing anything to run on our systems that we do not fully understand.

Editors’ Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
The latest Windows update is breaking VPN connections
Windows Update running on a laptop.

Microsoft has acknowledged that the Windows security updates for April 2024 (KB5036893 for Windows 11, KB5036892 for Windows 10) are causing disruptions to virtual private network (VPN) connections across various client and server platforms. According to information on the Windows health dashboard, devices running Windows may experience VPN connection failures following the installation of either the April 2024 security update or the April 2024 non-security preview update.

The company has also stated that it is actively investigating user reports regarding these issues and will share more details in the coming days. The impacted Windows versions include Windows 11, Windows 10, and Windows Server 2008 onward.

Read more
Microsoft plans to charge for Windows 10 updates in the future
Windows 11 and Windows 10 operating system logos are displayed on laptop screens.

Microsoft has confirmed it will offer security updates for Windows 10 after the end-of-life date for the operating system for consumer users but for a fee.

The brand recently announced plans to charge regular users for Extended Security Updates (ESU) who intend to continue using Windows 10 beyond the October 14, 2025 support date.

Read more
The best Windows apps for 2023
dell xps 13 2018 review version 1541544414 screen hero2

There are plenty of apps available in the Microsoft Store, but the best Windows apps can remain elusive. Calendar apps are a popular choice for those looking to improve productivity, and there are plenty of free apps you can choose from if you don't want to pay for the privilege.

To help you choose, we’ve put together a list of the best Windows 10 and Windows 11 apps for every user to try out, whether you want better productivity or just seek to be entertained.
Best Windows apps for productivity

Read more