IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [windows]

Related to security concerns specific to the Microsoft Windows operating system itself. For security of applications that happen to be running on Windows, please use [appsec]. For the X Window System, please use [x11].

Windows is a family of graphical operating systems produced by Microsoft. Windows includes both server and desktop operating systems. Early versions relied on MS-DOS while current versions have evolved from Windows NT.

2137 questions
295
votes
7 answers

What's the rationale behind Ctrl-Alt-Del for login

Why is Ctrl+Alt+Del required at login on certain Windows systems (I have not seen it elsewhere, but contradict me if I'm wrong) before the password can be typed in? From a usability point of view, it's a bad idea as it's adding an extra step in…
Count Zero
  • 2,879
  • 3
  • 16
  • 14
196
votes
4 answers

How does Windows 10 allow Microsoft to spy on you?

Windows 10 is perhaps the most Internet-connected and cloud-centric operating system released by Microsoft to date. This, of course, has caused many users to be concerned about how the OS respects their privacy (or doesn't). Multiple sources are now…
user83026
196
votes
11 answers

Search for military installed backdoors on laptop

My laptop was confiscated by the military institute of my country and they made me to give them all my passwords (I cannot tell you the name of my country). They did not give it back to me for one week (yes, it was out of my sight for a while). I…
Posse
  • 1,781
  • 2
  • 6
  • 15
134
votes
19 answers

Is it common to allow local desktop and/or active directory admin access and rights for developers in organizations?

I work at a company with a staff of about 1000+. We currently have programming development staff that work on web based projects (approx 50 people). Recently due to security concerns our IT and Security department implemented a restriction no…
TroySteven
  • 1,329
  • 2
  • 7
  • 11
133
votes
14 answers

Is a Windows installer that doesn't require admin rights dangerous?

I use Atlassian SourceTree on Windows, and one thing I like about it is that it doesn't require admin privileges to install or update. I happened to mention this to our ISSO (Information System Security Officer), and he was not a fan. He said that…
David K
  • 1,317
  • 2
  • 7
  • 9
124
votes
8 answers

Are there technical differences which make Linux less vulnerable to virus than Windows?

What makes Linux so different than Windows in terms of anti-virus needs? My question is not if I should get an anti-virus for my Linux. I perfectly understand why an AV is important. I would like to understand if there are conceptual (technical)…
user69377
104
votes
2 answers

Can a rogue .wmv file "hijack" Windows Media Player?

I've downloaded a .wmv file using P2P. Attempting to play it with Media Player Classic (K-Lite Codec Pack) only gave me a green square in the playback window: I noticed that the video came with a readme file, however; I found the following…
user4520
  • 1,027
  • 2
  • 8
  • 9
95
votes
5 answers

Why do you have to be an admin to create a symlink in Windows?

In linux every user can create symlinks, but in Windows I need an admin command line, or mklink fails. Why is that?
ripper234
  • 1,126
  • 1
  • 8
  • 11
81
votes
2 answers

Windows language pack update with a gibberish name

This morning, I noticed that a new Windows update was offered to me. It looks very suspicious to me: Here are the update details: gYxseNjwafVPfgsoHnzLblmmAxZUiOnGcchqEAEwjyxwjUIfpXfJQcdLapTmFaqHGCFsdvpLarmPJLOZYMEILGNIPwNOgEazuBVJcyVjBRL Download…
executifs
  • 4,772
  • 4
  • 23
  • 25
77
votes
9 answers

Is it theoretically possible to deploy backdoors on ports higher than 65535?

Assuming you were able to modify the OS/firmware/device for server/client to send and listen on ports higher than 65535, could it be possible to plant a backdoor and have it listen on, say, port 70000? I guess the real question is this: If you…
Jason
  • 3,086
  • 4
  • 20
  • 24
72
votes
3 answers

Strange code running at startup

A piece of code was running on my Windows machine at startup. I would like to know exactly what this code is doing; it seems to refer to something like crackbook? @echo off if %PROCESSOR_ARCHITECTURE%==x86 ( START /B powershell -NoP -NonI -W…
Aditya Giri
  • 739
  • 1
  • 5
  • 8
69
votes
4 answers

How do I clear cached credentials from my Windows Profile?

Windows seems to be saving my credentials for a variety of applications (terminal servers, etc) and I'd like to purge this data. How can I backup and purge this data?
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
66
votes
3 answers

Why does Windows store Wi-Fi passwords in a reversible format?

Running netsh wlan export profile key=clear in PowerShell will dump your current stored Wi-Fi settings, including the password, into xml files inside of whatever directory you are currently in. Why is it that Windows would store credentials in a…
Wazanator
  • 741
  • 1
  • 6
  • 7
66
votes
1 answer

What's the risk if I accidently type my password into a username field (Windows logon)?

I'm used to logging into my personal Mac which is a password-only field (like waking from sleep mode). Sometimes I have to use a Windows network on which I have an account, but of course I have to type my username first. Still, going right into my…
Matt
  • 3,192
  • 2
  • 21
  • 26
65
votes
5 answers

What can an attacker do with Bluetooth and how should it be mitigated?

What are the security risks of Bluetooth and what technologies and best practices should be used to protect my device? What can an attacker do once a malicious device is paired with mine? Specifically Is it a good idea to remove & re-pair my…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
1
2 3
99 100