Windows has been grappling with security issues since its inception, and the situation seems to be deteriorating. Despite decades of experience and advancements in technology, Microsoft has been unable to fully secure its operating system. The article highlights several recent security breaches that have raised concerns about the safety of Windows.
One such incident involved a Chinese hacking group, Storm-0558, which managed to steal “secure” messages from the US government via Microsoft’s Exchange Online. This incident led AJ Grotto, a former senior White House cyber policy director, to classify Microsoft and its products as a national security concern.
The article also points out the severity of recent security flaws in Windows. For instance, CVE-2024-30080, a Microsoft Message Queuing (MSMQ) remote code execution (RCE) issue, earned a 9.8 out of 10 CVSS severity rating, indicating a high risk of exploitation. Another significant flaw was CVE-2024-30078, a Wi-Fi driver remote code execution hole, which could enable an attacker to remotely run malware or spyware on a user’s PC.
The author criticizes Microsoft for introducing new security holes by design, specifically referring to Microsoft Recall. This feature, which takes regular snapshots of everything a user does on their computer, is seen as a potential privacy invasion and a security risk. Despite these concerns, Microsoft plans to make Recall an optional feature in the next generation of Windows PCs.
The article concludes by questioning Microsoft’s approach to security and urging the company to take more robust measures to protect its users. It emphasizes the need for Microsoft to prioritize security and privacy, especially given the increasing reliance on digital platforms in today’s world.
Read more: www.theregister.com
Leave a Reply