Windows discovered the possibility of hacking through corporate tools, reports CNews citing experts.
Vulnerability in the OS code from Microsoft was discovered by specialists from the Austrian company SEC Consult. According to them, the problem was found in the Microsoft Autopilot system, which is a set of tools for setting up devices in corporate networks. A system flaw allows anyone on the network to elevate their privileges to the administrator level and take control of the network.
According to the description of the critical vulnerability, an attacker can cause an error by disconnecting a specific device from the network and then creating a new user and granting it unlimited powers. SEC Consult engineers contacted Microsoft, but the corporation at first ignored them, and upon repeated contact stated that it did not see or admit the problem.
In a statement to site of the company says that a US corporation should fix a bug with Microsoft Autopilot user rights. Austrian experts justified the publication of a detailed error report by Microsoft’s unwillingness to respond to the problem.
Previously, cybersecurity specialists discovered a critical vulnerability in Windows 7. The error allows hackers to take control of the system during its reinstallation. Experts have noticed that the vulnerability can pose a serious threat to users of Microsoft’s OS, since the system is outdated and has not been updated for a long time.