The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability."
From bypassing windows password in login screen to Releasing Secure boot master keys.... Encrypted MS Servers but only Client to Server not Server to Server. Windows XP safety mode to bypass logins..... 15 seconds needed to extract user login codes from a windows machine. Windows trusts every network its on. You got a trojan horse oh nvm just remove...oh wait its in the map that even Admin rights don't have access and how many people not just click on that pop up of admin rights.....without even knowing WTF is going on.
I know more OS got the issues, but at least when i lose a password on my machine and search to retrieve the internet doesn't pop up dozen of ways to solve it just says...well your fucked...
Sooo...yeah...the list of bad stuff is just too looong.... I hate Apple but at least they knew that Apple OS sucked and replaced it with Darwin....When is Windows finally letting go of there sick OS?
Also if you got more of these easy vulnerabilities. its for me too long list to think of now.
Well, from Microsofts point of view, they don't want calls from the technical illiterate saying that they've forgotten their password and can't log back in.
That mindset alone is a huge security risk.
But I agree, your concerns here are very grounded.
Its a concern, Some of these risks like the Secure boot. Its like they do it on purpose. Just like there disk encryption were if i not recall it was Wendell that said they kept something important (no sure what it was but it was something important) to decrypt outside the encryption partition. Were LUKS has everything inside the encryption.
I'm still convinced the biggest vulnerability is the end user themselves;
pretty much. I mean most cleanups I do are for apps that the customer 'doesn't remember installing' or 'Didn't give admin rights to' when they clearly did. I think the average end user is part of the problem, if not most of it.
It is, but in Linux for example and Apple. User can't make these bugs easy. If you make them there you did it on purpose. In Windows its just too easy to make them by accident.
I've always found that the biggest security hole in every system is the user.
1) Weak templated passwords that only meet minimum requirements. 2) Passwords written on sticky notes on monitor or under keyboard. 3) Clicking "yes" to every windows admin escalation popup.
but yeah when i compare to Apple (i really hater that OS) it takes away as much as possible so it users can't learn or break stuff. I just think it sucks to know So much about computers. How i wish to be just that guy that doesn't give a fuck XD