Do you use Microsoft's hugely popular Windows 10 operating system? It's installed on nearly half a billion devices, so there's a really good chance you do.
If so, you've probably heard about its widely praised efforts to be one of the most secure operating systems in the world. That's critically important to you since cybercrime has become so commonplace.
It seems every day we're telling you about hackers putting people's lives at risk with malware attacks. We recently told you how much of Europe's computer systems were shut down, including hospital systems, by a ransomware attack that put people's lives in danger.
Microsoft, to its credit, has made huge advances on security with Windows 10. That includes the new Windows 10 S. If you aren't using 10 S, there's a good chance the younger adults in your family are using it, or are thinking about getting it.
Warning! Although Windows 10 S is designed to be virtually impossible to hack, a cybersecurity expert just hacked it. Worse, it took him only three hours.
Here's a little background. Windows 10 S is pre-installed on laptops like Microsoft's Surface Laptop. It's a streamlined operating system that is designed to be secure.
That includes giving users access to only software programs that Microsoft has rigorously screened. You can download apps only from the Windows Store.
There's another level of security. Users like you, in theory, can't gain administrative level access to your laptop. That means you can't go in and tweak software programs. Hackers often use admin-level functions like Command Prompt and PowerShell to install malware onto your computer.
Unfortunately, a cybersecurity expert just hacked Windows 10 S and proved he can install ransomware on it. You'll be shocked how he used Microsoft Word to do it!
Microsoft Should Know Better
Microsoft left one of the oldest, best-known security vulnerabilities wide open for hackers to exploit. In just a few hours, hackers can gain admin-level privileges to your laptop. They can remotely take complete control of it and install ransomware.
That was proved by Matthew Hickey from Hacker House. He told ZDNet: "I'm honestly surprised it was this easy. When I looked at the branding and the marketing for the new operating system, I thought they had further enhanced it. I would've wanted more restrictions on trying to run privileged processes instead of it being such a short process."
Here's how he did it. He got around 10 S's security by using the word-processing program Word that you've probably been using for decades to write letters.
He created a malicious Word document and installed it onto his 10 S laptop. He exploited the macros that can run on Word.
We've warned you many times about macros. These are little software programs that perform routine functions that you don't want to do over and over.
Hackers often use macros to install malware onto your computer. That's why Microsoft warns you not to enable macros.
Bonus: Keep reading for tips to prevent a ransomware attack on 10 S.
Here's What You Must Do
The good news about Windows 10 S is that it is a more secure operating system than the standard version of Windows 10. It's a lot more secure than older versions of Windows.
Microsoft told ZDNet: "In early June, we stated that Windows 10 S was not vulnerable to any known ransomware, and based on the information we received from ZDNet that statement holds true. We recognize that new attacks and malware emerge continually, which is why [we] are committed to monitoring the threat landscape and working with responsible researchers to ensure that Windows 10 continues to provide the most secure experience possible for our customers."
Unfortunately, with a little know-how and a few hours to spare, hackers can take over your 10 S laptop and install ransomware onto it. Here's how to protect yourself:
- Never enable macros unless you are 100 percent certain that it is safe
- Make sure you download Microsoft-approved security apps from the Windows Store
Reminder: Please share this news with younger people in your family. Microsoft developed the pared-down, security-focused Windows 10 S with students in mind.