GetUSB.info Logo

Microsoft Foils USB Hack In Latest Windows Update

When a USB stick is connected to a PC the Windows operating system enumerates the device.  In simple terms, this means Windows will check to see what type of device was just connected, a HID device, Mass Storage Devicet etc, it will also check the speed of the device. During the enumeration process some registry entries are made into the Windows registry…this is where a hacker could get into your system and take control.  This is the update Microsoft issues earlier this week to fix the security flaw. Since the vulnerability is triggered during USB enumeration, no user intervention is required. In fact, the vulnerability can be triggered when the workstation is locked or when no user is logged in, making this an unauthenticated elevation of privilege for an attacker with casual physical access to the machine. Other software that enables low-level pass-through of USB device enumeration may open additional avenues of exploitation that do not require direct physical access to the system. So be sure to update your PC with the update notification comes through – it’s in your best interest. Full Microsoft article here:

Tags: , ,

Copyright © 2006-2019

USB Powered Gadgets and more...

All Rights Reserved

GetUSB Advertising

The opportunities on our website reach at least 1,000 unique visits per day.

For more information
Visit our advertising page.

Nexcopy Provides

USB copy protection with digital rights management for data loaded on USB flash drives.

Contact us learn more