Microsoft and Security: This Must Be an April Fool Joke in May, Right?
May 27, 2022
I read “Pwn2Own Hackers Just Broke Into Windows 11 and Teams in a Single Day.” Was this an Onion article? A write up from a former Punch writer? An output from Google’s almost human super capable smart software?
Nope. The source is a reliable online publication called Make Use Of or MUO to its friends.
I learned:
Day one of Pwn2Own is over, and taking a look at the bounty board shows that Microsoft’s software didn’t stand up well to the onslaught. The event saw three successful attacks on Microsoft Teams, and two against Windows 11. Each successful hack was rewarded accordingly, with the lowest bounty coming in at an impressive $40,000, and the biggest at an eye-watering $150,000.
Ah, Windows 11 and the feature-spawning Teams!
My view of Windows 11 is that it was pushed out to distract some Silicon Valley type news reporters from the massively bad SolarWinds’ misstep. Few agree with me.
Be that as it may, Windows 11 does not seem to be the paragon of security that I thought Microsoft explained. You know, the TPM thing and the idea that certain computers were not able to deal with the the Millie Vanillie approach to security. Catchy lyrics, but not exactly what paying customers expected.
The article cited concludes with this statement:
With hackers putting up big wins against Microsoft’s apps at Pwn2Win, it shows that the company’s software is perhaps not as secure as it should be. Hopefully, Microsoft can publish fixes for these exploits before they fall into the wrong hands.
Will Microsoft, like Netgear, find that it cannot “fix” certain issues with its software and systems.
Stephen E Arnold, May 27, 2022