Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Unencrypted Windows crash reports give 'significant advantage' to hackers, spies

Gregg Keizer | Jan. 2, 2014
Microsoft transmits a wealth of information from Windows PCs to its servers in the clear, claims security researcher.

The spokesperson added that, "Secure Socket Layer connections are regularly established to communicate details contained in Windows error reports," which is only partially true, as Stage 1 reports are not encrypted, a fact that Microsoft's own documentation makes clear.

"The software 'parameters' information, which includes such information as the application name and version, module name and version, and exception code, is not encrypted," Microsoft acknowledged in a document about ERS.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.