A security researcher has discovered a critical flaw in various Microsoft Windows Protocols that can be used in malicious attacks. For more information continue reading.
Microsoft Windows Protocols Can Be Used in Dangerous Attacks
A computer security researcher has discovered a critical flaw that encompasses a lot of Microsoft Windows programs due to the Microsoft Windows Protocols feature that is built-in in the operating system. The flaw was spotted by accident when the researcher clicked on a link in the Google Chrome browser which opened the Windows Store App. This was quite unnatural and risky as the browser asks the user when they are about to engage in potentially dangerous actions such as opening up external programs. In this case no warning was produced. It appears that there is a built-in function called Microsoft Windows Protocols which is responsible for this dangerous behavior. According to the analysis this is related to a registry value string which is used by the Windows Store App. A lot of applications including Microsoft Edge have their own protocols.
This flaw is probably related to the Microsoft Windows Store application implementation. Ever since Windows 8 the company has tried to grow their own application ecosystem by using the Windows Store application much like the package management solutions of other operating systems. The Microsoft Windows Protocols have a rich feature sets which allow the applications and their developers to use it to perform various functions – queries and execution commands are just one of the few capabilities. Unfortunately this also has serious consequences which are shown in this particular security flaw report. The Two proof-of-concept attacks demonstrated in the Microsoft Edge browser shows that a single string can crash the browser or cause dangerous manipulations.
Click here to read the whole report of the incident. This issue was reported to the Microsoft Security team On November 26 2016.