Friday, January 10, 2014
Don't send Windows Error Report when system crashes
Recent report and research from Websense security research group, indicated that Windows systems used by consumers in the event of an error report, that if you submit an error report to Microsoft, then it would be very useful and may be intercepted by hackers, and based on this information to help formulate on relevant strategies of hacker attack. When the system crashes then it will pop up a dialog box, which contains detailed information on the operation status of the device, Windows version information, application information, and this information hackers are likely to be listening to.
When the system or application crashes then it pops up an error report, users often need to confirm whether it will pass these error messages to Microsoft, but at the time of transferring on some of the information often does not interact with the user. For example, the success of the new U-disk connection, information about the host and the Windows version number is being used, the service pack installation, BIOS information, and so on.
Although, when this data appear to leaked and no serious problem, but for a company who are the target of hackers, this information is very valuable, it can help hackers to aim their network test systems currently known vulnerabilities and weak points . Websense group noted: "Information generated due to a system crash is still very useful for hackers, and hackers might take to develop new zero-day vulnerabilities."
Source: neowin
Widget by Css Reflex
