Windows 8 - Microsoft's SmartScreen

According to a known computer security researcher, Microsoft's SmartScreen feature implemented in Windows 8 reports information to Microsoft about every application installed, in an insecure manner

Known computer security researcher Nadim Kobeissi has posted up some interesting information on the behavior of Windows 8 whenever you install an application. According to some quick researching he did, the Windows SmartScreen feature reports every application a user installs to Microsoft, and does so in a way that could be intercepted by malicious hackers.

The Windows SmartScreen feature is enabled by default and is designed to tell end users whether the application they have downloaded from the internet is safe to install on their machine. It does this by gathering some info upon opening the installer, sending it to Microsoft and then waiting for a response to see if said installer has a valid certificate. As Kobeissi mentions, this means information about every single application downloaded and installed is sent to Microsoft.

He dug further to discover the information sent could potentially be intercepted by a malicious hacker, as Microsoft uses an "outdated and insecure" method of HTTPS encrypted communications. If a hacker did manage to steal all the information on a user's application installation habits, they could make a profile of the user and use that to find other exploitable weaknesses.

The issue with SmartScreen is currently only prevalent in Windows 8 as it's the first time Microsoft has integrated SmartScreen at an OS level (Windows 7 only features SmartScreen in applications like Internet Explorer). You can disable SmartScreen so you are no longer reporting your installation habits to Microsoft, but this is apparently not easy to do and results in periodic nags to re-enable it.

Chances are Microsoft will not do anything about their implementation of SmartScreen, so as it stands now it could be a privacy and security risk.

So stick to windows 7 or earlier..OK

0 comments: