Windows RT: Bug not a bug?
Microsoft, kernel expert take sides on whether this week's Windows RT flaw is a security vulnerability that needs to be patched
Computerworld - Microsoft and a respected researcher disagreed this week about whether a bug in Windows RT is actually a security vulnerability that should be patched.
The bug, revealed Jan. 5 by a hacker known as "clrokr," can be used to bypass a restriction in Windows RT that prevents its "desktop" mode from running anything but select, Microsoft-made software. By changing a byte in the Windows RT kernel, said clrokr, Windows RT users could install standard Windows applications -- assuming they had been recompiled for the OS's ARM processor -- and run them on the desktop.
By default, only Microsoft's Office RT, a scaled-down version of Office 2013; Internet Explorer 10 (IE10); the File Explorer file manager; and several other utilities created by the Redmond, Wash. developer, are allowed on the Windows RT desktop.
Other hackers have taken clrokr's work to actually install recompiled Windows apps on RT-powered devices.
Most have portrayed clrokr's discovery as a "jailbreak," meaning a way for do-it-yourselfers to sneak unauthorized software onto a tablet running Windows RT. Jailbreaks have been used for years by iPhone owners to install apps that have not been approved by Apple for its App Store distribution market.
But the same technique could also be used to install malicious software, argued Tarjei Mandt, a researcher who has found dozens of security vulnerabilities in the Windows kernel, and reported them to Microsoft for patching. Mandt works as a senior security researcher for Azimuth Security, an Australian security consultancy founded by researchers formerly at IBM's Internet Security Systems XForce.
"This is not your traditional security vulnerability, as it already requires the user to have administrative privileges, [which is] the reason why Microsoft doesn't classify it as a security vulnerability," Mandt said in an email interview. "[But] if the goal of the operating system is to prevent unverified drivers and executables from running, as the case is with Window RT, then in my opinion it should be classified as a security issue or security bypass."
Microsoft doesn't see it that way.
"The scenario outlined is not a security vulnerability and does not pose a threat to Windows RT users," Microsoft categorically said Tuesday in a statement. The company also hinted at its rationale: "The mechanism described is not something the average user could, or reasonably would, leverage as it requires local access to a system, local administration rights and a debugger in order to work," Microsoft said.
True, acknowledged Mandt, who admitted clrokr's tactic had flaws. "Although the attack in this case can be used to disable [Windows RT's] signature enforcement at runtime, launching something that can survive a reboot is a completely different story due to the extensive verification made by UEFI Secure Boot," Mandt said.
- Microsoft discounts Surface for college kids, goes for price edge over Apple's MacBook Air
- Surface damage mounts at Microsoft as red ink reaches $1.7B
- Microsoft again writes off Surface inventory, renews profitability doubts
- Surface survives Microsoft cuts, but tablet strategy remains muddled
- Surface Pro 3 not a notebook replacement to DIYers who want inside
- Microsoft wants MacBook Air owners to trade up to a Surface Pro by trading in
- Surface Pro 3 'notebook' reaches retail today
- Whoops! Microsoft goof confirms Surface Mini
- Surface Pro 3 deep-dive review: Has Microsoft finally got it right?
- Perspective: The Surface Pro is Microsoft's latest premature introduction problem
- Managing Social Content to Maximize Value and Minimize Risk In this AIIM white paper, you will learn about the roles of content publishing systems and content management systems in social business strategies...
- Enterprise Mobility Management Checklist Read this checklist for tips and considerations when creating your own Enterprise Mobility Management (EMM) strategy.
- AIIM SharePoint Industry Watch AIIM surveyed its 65,000 community members to look at how the enterprise is reacting to social aspects, why organizations are exploring social, who...
- Securing Mobile App Data - Comparing Containers and App Wrappers Analysts agree that Mobile Device Management (MDM) is not enough when it comes to securing app data. Although it remains a critical component...
- Client Management: Simplifying Life for System Admins Watch this brief webinar to hear how implementing a client management strategy not only overcomes common Apple-ization challenges related to data protection &...
- Accelerate your innovation with IBM Bluemix™ Join us for a webcast introducing the new IBM BluemixTM. IBM Bluemix (www.bluemix.net) is a developer oriented Platform as a Service (PaaS) environment... All Tablets White Papers | Webcasts