[WARNING] Microsoft stumbles? Allows compromised drivers?

Yes, I just ran the Dormann script on my own machines, and it didn't execute properly on any of them.
Turn out you have to use Ctrl+v to paste. Rt-clk and paste won't work.
The question is, should I now contact all my customers and run this on their machines?
 
makes it easy for an attacker with administrative control to bypass Windows kernel protections.
Click to expand...

That's the entire article. Attackers have to own the box before they can own the box. I don't much care that the kernel is being "bypassed" by admin processes, that's NORMAL USE of any operating system. Which reduces this entire article to click bait.

If "attacks are surging" it's not because of this, it's because people are using admin accounts in inappropriate places.
 
xxenon said:
Yes, I just ran the Dormann script on my own machines, and it didn't execute properly on any of them.
Turn out you have to use Ctrl+v to paste. Rt-clk and paste won't work.
The question is, should I now contact all my customers and run this on their machines?
Click to expand...

I followed the Microsoft guidance. It was simpler than messing around with a 3rd party PowerShell script.

I also wouldn't get proactive doing this to customer machines unless the customer is known to create problems for themselves by installing every little tweak program that comes along.
 
Sky-Knight said:
That's the entire article. Attackers have to own the box before they can own the box. I don't much care that the kernel is being "bypassed" by admin processes, that's NORMAL USE of any operating system. Which reduces this entire article to click bait.

If "attacks are surging" it's not because of this, it's because people are using admin accounts in inappropriate places.
Click to expand...
I am always happy when someone else says these things as I hate to see these stories that unnecessarily create panic and fear.
 
Blues said:
I am always happy when someone else says these things as I hate to see these stories that unnecessarily create panic and fear.
Click to expand...

As am I. I've labeled this sort of thing, "Clickbait meant to induce Pearl-Clutching." And it's irresponsible journalism.
 
Id sadly say much of the so called journalism we get today is in the same class as this where it is just about reader engagement to drive up clicks and such to push add revenue. I feel real journalism is scarce and hard to find more so when you don't want to wade through all the click bait BS there is. Sorry just had to get that rant out.
 
Blues said:
I feel real journalism is scarce and hard to find more so when you don't want to wade through all the click bait BS there is.
Click to expand...

Hence the reason I look only at sources carefully curated by myself that have a history of excellence in journalism (be it general or tech).

There are a number of very popular tech writers where I'd gnaw off my own hand before clicking through to an article they've written. And Forbes (regardless of who's writing) when it comes to tech specifically is just a `treasure trove` of incorrect information.
 
You must log in or register to reply here.

Similar threads

Kitten Kong
  • Sticky
Questions and Answers relating to Microsoft Licencing Guidelines.
Replies
3
Views
12K
Rosco
Rosco
T
A good Software List..must see!!
Replies
11
Views
7K
nesrinamb
N
Kitten Kong
Hirens 13 - Now released
2
Replies
31
Views
16K
eloria
E
Back
Top