{"id":50755,"date":"2017-06-24T10:27:25","date_gmt":"2017-06-24T01:27:25","guid":{"rendered":"http:\/\/www.softantenna.com\/wp\/?p=50755"},"modified":"2017-06-24T10:27:25","modified_gmt":"2017-06-24T01:27:25","slug":"windows-10-not-secure","status":"publish","type":"post","link":"https:\/\/softantenna.com\/blog\/windows-10-not-secure\/","title":{"rendered":"\u3010\u60b2\u5831\u3011Windows 10 S\u3001\u8a00\u3046\u307b\u3069\u30bb\u30ad\u30e5\u30a2\u3058\u3083\u306a\u304b\u3063\u305f"},"content":{"rendered":"

\"Pexels<\/p>\n

Microsoft\u304c\u767a\u8868\u3057\u305fWindows 10\u306e\u65b0\u3057\u3044\u30a8\u30c7\u30a3\u30b7\u30e7\u30f3\u300cWindows 10 S<\/a>\u300d\u306f\u3001\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u53ef\u80fd\u306a\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u304c\u3001Windows\u30b9\u30c8\u30a2\u304b\u3089\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3067\u304d\u308b\u3082\u306e\u306b\u9650\u5b9a\u3055\u308c\u308b\u306a\u3069\u3001Windows 10\u306e\u4e2d\u3067\u6700\u3082\u5b89\u5168\u306a\u30a8\u30c7\u30a3\u30b7\u30e7\u30f3\u3067\u3042\u308b\u3068\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n

\u3068\u3053\u308d\u304cZDNet<\/a>\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u7814\u7a76\u5bb6Matthew Hickey\u6c0f\u304c\u65e9\u304f\u3082Windows 10 S\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30db\u30fc\u30eb\u3092\u767a\u898b\u3002Win32\u30a2\u30d7\u30ea\u3092\u30b9\u30c8\u30a2\u3067\u914d\u4fe1\u3059\u308b\u305f\u3081\u306b\u5229\u7528\u3055\u308c\u3066\u3044\u308b\u3001Desktop App Bridge (Project Centennial)\u306b\u5b58\u5728\u3059\u308b\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3001Windows 10 S\u306e\u5236\u9650\u3092\u7a81\u7834\u3059\u308b\u3053\u3068\u306b\u6210\u529f\u3057\u3066\u3044\u307e\u3059(MSPoweruser<\/a>\u3001Neowin<\/a>\u3001Ars Technica<\/a>)\u3002<\/p>\n

Hickey\u6c0f\u306f\u8106\u5f31\u6027\u3092\u5229\u7528\u3059\u308b\u305f\u3081\u306b\u30de\u30af\u30ed\u30d9\u30fc\u30b9\u306eWord\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3092\u4f7f\u7528\u3002reflective DLL injection attack\u3068\u547c\u3070\u308c\u308b\u624b\u6cd5\u3092\u5229\u7528\u3057\u3066\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5236\u9650\u3092\u7a81\u7834\u3059\u308b\u3053\u3068\u306b\u6210\u529f\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n

Hickey created a malicious, macro-based Word document on his own computer that when opened would allow him to carry out a reflective DLL injection attack, allowing him to bypass the app store restrictions by injecting code into an existing, authorized process. In this case, Word was opened with administrative privileges through Windows' Task Manager, a straightforward process given the offline user account by default has administrative privileges. (Hickey said that process could also be automated with a larger, more detailed macro, if he had more time.)<\/p><\/blockquote>\n

\u7ba1\u7406\u8005\u6a29\u9650\u3067\u30b7\u30a7\u30eb\u304c\u5229\u7528\u53ef\u80fd\u306b\u306a\u3063\u305f\u5f8c\u306f\u3001Metapoilt\u3068\u547c\u3070\u308c\u308b\u30c6\u30b9\u30c8\u30c4\u30fc\u30eb\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u3053\u3068\u6210\u529f\u3057\u3001\u30ea\u30e2\u30fc\u30c8\u30a2\u30af\u30bb\u30b9\u3084\u30b7\u30b9\u30c6\u30e0\u6a29\u9650\u306e\u53d6\u5f97\u3001\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u30aa\u30d5\u306a\u3069\u3042\u3089\u3086\u308b\u64cd\u4f5c\u304c\u53ef\u80fd\u306b\u306a\u3063\u305f\u3068\u8aac\u660e\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n

Desktop App Bridge\u306fWin32\u30a2\u30d7\u30ea\u3092Windows\u30b9\u30c8\u30a2\u3067\u914d\u4fe1\u3059\u308b\u305f\u3081\u306e\u4fbf\u5229\u306a\u30c6\u30af\u30cb\u30c3\u30af\u3067\u3059\u304c\u3001\u4fbf\u5229\u3055\u306e\u53cd\u9762\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306f\u30c8\u30ec\u30fc\u30c9\u30aa\u30d5\u3068\u306a\u3063\u3066\u3044\u308b\u306e\u304b\u3082\u3057\u308c\u307e\u305b\u3093\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

Microsoft\u304c\u767a\u8868\u3057\u305fWindows 10\u306e\u65b0\u3057\u3044\u30a8\u30c7\u30a3\u30b7\u30e7\u30f3\u300cWindows 10 S\u300d\u306f\u3001\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u53ef\u80fd\u306a\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u304c\u3001Windows\u30b9\u30c8\u30a2\u304b\u3089\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3067\u304d\u308b\u3082\u306e\u306b\u9650\u5b9a\u3055\u308c\u308b\u306a\u3069\u3001Windows 10\u306e […]<\/p>\n","protected":false},"author":2,"featured_media":50756,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"swell_btn_cv_data":"","footnotes":""},"categories":[3],"tags":[3298,2701],"class_list":["post-50755","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-windows","tag-windows","tag-windows10"],"_links":{"self":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts\/50755","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/comments?post=50755"}],"version-history":[{"count":0,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts\/50755\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/media\/50756"}],"wp:attachment":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/media?parent=50755"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/categories?post=50755"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/tags?post=50755"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}