Google’s Project Zero team has found a flaw in Windows 10 S. The team has disclosed the flaw publicly even though Microsoft wanted to keep the flaw undisclosed. Microsoft did not want to reveal the flaw until the company fixed it.
Project Zero team is always looking for exploits in software made by Google or any other company. If a bug or flaw is found the team alerts the developers of the software privately. The Project Zero Team gives the developers 90-day window before going all out with the flaw.
The flaw found the Project Zero team affects the Windows 10 S, where S stands for security. 10 S is a more secure and locked out version of the Windows. The version primarily allows only apps from Windows Store to be installed on the machine. Coming to the flaw, it targets the users with user mode integrity (UMCI) and Device Guard enabled. These settings are default in Windows 10 S. This flaw allows anyone to run arbitrary code on the machine. Well, that is embarrassing as it is something Windows 10 S was specifically designed to prevent. Project Zero researcher James Forshaw released a description of the flaw along with a proof of concept code for the flaw.
Forshaw says, “It’s not an issue which can be exploited remotely, nor is it a privilege escalation. An attacker would have to already have code running on the machine to install the registry entries necessary to exploit this issue. Although this could be through an RCE such as a vulnerability in Edge”. Furthermore, he adds “There’s at least two known DG bypasses in the .NET framework that is not fixed. These are still usable even on Windows 10 S so this issue isn’t as serious as it might have been if all known avenues for bypass were fixed.”