1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Remote Safe Mode attack defeats Windows 10 pass-the-hash defenses

Discussion in 'Network World' started by RSS, Sep 16, 2016.

  1. RSS

    RSS New Member Member

    Microsoft tries to protect user account credentials from theft in Windows 10 Enterprise, and security products detect attempts to pilfer user passwords. But all those efforts can be undone by Safe Mode, according to security researchers.

    The Safe Mode is an OS diagnostic mode of operation that has existed since Windows 95. It can be activated at boot time and only loads the minimal set of services and drivers that Windows requires to run.

    This means that most third-party software, including security products, don't start in Safe Mode, negating the protection they otherwise offer. In addition, there are also Windows optional features like the Virtual Secure Module (VSM), which don't run in this mode.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page