Results 1 to 2 of 2

Thread: Send error report? Never again

  1. #1
    admin Site AdministratorSenior Member arthureld's Avatar
    Join Date
    Aug 2004

    Send error report? Never again

    Next time you get an error report from Microsoft on your office PC, you may want to think twice before sending the crash data.

    A lot of valuable information about a network is transmitted unencrypted in an error report sent back to Microsoft, which leaves a company more vulnerable to an attack by hackers, according to Alexander Watson, the security research director at Websense.

    "One thing we realized very quickly was how little people knew about what type of information is in these crash reports," he said. "That initial information is all unencrypted and in clear text, and that information tells a hell of a lot more about the computer than people realize."

    The error report also sends data about devices plugged into the computer, including operating systems and applications.

    "All those things are really valuable to attackers," Watson said. "From an attacker's perspective, when they know what's on your network, it's much easier to attack it."

    "So if someone was able to intercept that they would have a complete road map to your business."

    Watson, who wrote about the Windows exploit on his company's blog in December, said the high volume of error reports companies send makes this a real risk.

    Microsoft's reporting system, Windows Error Reporting (also called Dr. Watson), is on 80 percent of all network-connected PCs, according to the company. Reports sent on Windows XP, Vista and Windows 7 are all unencrypted (Windows 8 PCs include encrypted error reports).

    According to Microsoft's Windows 8 Privacy statement, the company says it does encrypt the messages sent on its latest operating system.

    "Secure Socket Layer connections are regularly established to communicate details contained in Windows error reports," a company spokesperson said in a statement to CNBC. But Watson said that many organizations using older versions of Windows operating system are still sending their reports in clear text.
    The data in a crash report could enable a hacker to break in and linger undetected in a company's database, collecting confidential information about the business.

    "People should be concerned, especially these multinational corporations where you have a wide geographic footprint," Watson said. "The real threat here would be a nation state-level group where they could say, 'I want access to these logs,' and they could have a tap somewhere collecting that information."
    I wish I was in Tijuana eating barbecued iguana

  2. #2
    Administrator AdminSenior Member Wide's Avatar
    Join Date
    Aug 2004
    HCG World Headquarters, Signal Hill, CA

    I keep my system locked down as much as possible

    Check your firewall and limit anything you dont use

    I also wear suspenders ans a belt to keep my stuff in place

    .-/c-.,_ /

    "Logic will get you from A to B. Imagination will take you everywhere"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts