Security News Windows 10 S security brought down by, of course, Word macros

[LASER_oneXM]

...some quotes from the article above:

The major premise justifying Windows 10 S, the new variant of Windows 10 that can only install and run applications from the Windows Store, is that by enforcing such a restriction, Windows 10 S can—like iOS and Chrome OS—offer greater robustness and consistency than regular Windows. For example, as Microsoft has recently written, apps from the Windows Store can't include unwanted malicious software within their installers, eliminating the bundled spyware that has been a regular part of the Windows software ecosystem.

If Windows 10 S can indeed provide much stronger protection against bad actors—both external ones trying to hack and compromise PCs and internal ones, such as schoolkids—then its restrictions represent a reasonable trade-off. The downside is that you can't run arbitrary Windows software; the upside is that you can't run arbitrary Windows malware. That might not be the right trade-off for every Windows user, but it's almost surely the right one for some.

 

[509322]

The article author must not have known that most malicious office document macros use cmd.exe and/or powershell.exe - both of which are disabled by default in 10 S.

It's all easy enough to avoid - don't enable macros for office files obtained from external sources. But hey, you can't say that to a typical user and expect them to know what you're talking about.

And another thing, office files can be exploited by other means, like *.dll attacks.

Brought down by macros - I don't think I would go that far, yet compromise via macros is still possible.

 

[Arin]

Interesting Read