After finding the registry key that stores the password hint string, it became fairly simple for the guys at SpiderLabs to write code that would translate the hint from its Unicode form into plain text. The code was so simple that it has already been added into the Metasploit tools, meaning that this flaw is already in the “wild” in an exploitable format.
Although we were not surprised at the speed with which the Metasploit tools were updated, we were a little surprised that Microsoft left this out in the open. For months now we have been hearing about increased security and better protection for users’ information, yet somehow a flaw that has been around since Windows XP still remains in Windows 8. This latest flaw is in addition to the one uncovered that allows anyone with admin access (like malware with elevated privileges) to obtain a complete, unencrypted copy of the contacts file for anyone that uses that particular computer.
So now we have a flaw that allows for a head start in penetrating the security of a system (and, if it is attached to a domain, access to the domain) and the user contact list stored in plain text inside Microsoft’s next operating system. These are fairly glaring flaws in an OS that is supposed to be used with many cloud services. We are not sure where the increased security is, unless Microsoft is talking about the trusted computing improvements like locking down the UEFI boot process.
We have noticed that as the release date for Windows 8 approaches, more and more people are commenting on usability, security, performance, and other issues in the next operating system. Many of these are items that we brought up after the first build release. Perhaps they hoped (as did we) that Microsoft would address these issues long before the OS went to market. Unfortunately, as we have seen far too often with Microsoft, many flaws and bugs are fixed after the first public release of the OS (the consumer preview program release) as Microsoft works to finalize other parts of the OS to make sure it looks good. Usually by the time the release preview hits, they are already working on the first service pack to correct or hide bugs and flaws that they knew existed in the code that will be released to OEM manufacturers and then to the consumer. It is a business model that most software companies follow these days, as delays tend to cost more money than patches after the purchase.