Windows 10 S Security Compromised with Word Macro, Microsoft’s Next Move?

Windows 10 S security concerns

One of the biggest selling points for the Surface Laptop – currently the only device that runs the lighter Windows 10 S – is that it is inherently more secure than the regular version of Windows. To that end, Microsoft has gone to great lengths in restricting the environment, as we discussed in a recent article.

But, is Windows 10 S really more secure than regular Windows 10? For that to be true, Microsoft should have restricted all types of root access. On a superficial level, Microsoft did manage to achieve that by restricting the OS version to running only UWP apps from Windows Store. Moreover, they’ve blocked PowerShell, cmd.exe and other programming environments on Windows 10 S.

However, they’ve left at one door wide open to potential attackers – macros in MS Word. Macros are regularly used to compromise Windows desktops, so why this exception? In fact, ZDNet even got a security expert to compromise a Surface Laptop and stop short of actually deploying ransomware on it.

What’s more, that’s not the only door they’ve left open. The second vulnerable point is the Administrator account. Once admin privileges are gained, they can run macros on Word. That means they can be used to run arbitrary code. That goes against the very purpose of Windows 10 S – or, at least, the purpose that Microsoft claims that this OS version is intended to serve.

The problem here is that Microsoft isn’t being very open about Windows 10 S. As we observed earlier, they still haven’t issued evaluation copies like they usually do for other Windows iterations. Nor have they made it very clear why these restrictions are there and how they benefit users.

iOS is a good comparison at this point. Apple has locked down iOS for exactly the same reasons claimed by Windows 10 S: security, performance, battery life, user experience and so on. But iOS has locked down any possible super-user access using several methods such as KPP, or Kernel Patch Protection, which prevents any code from executing before the kernel boots up.

If Windows 10 S is supposed to be the “safe and secure” environment that Microsoft says it is, then there are several questions that arise:

For example, why are macros on Word allowed to run? Or, why have they given admin privileges? For that matter, why is Windows 10 S not widely available yet if it effectively locks down a machine? Surely, that would be of great use to a lot of Windows users, right?

Windows 10 S was supposed to be the “cheaper and lighter” version of Windows 10 that would allow OEMs to make devices that would compete in the same market – and same price range, mind you – as Chromebooks.

None of those things have happened, and now there are questions around the security decisions behind Windows 10 S.

A couple of things need to happen as a matter of urgency.

First of all, Microsoft needs to be more open about Windows 10 S. They need to let users know exactly how they’re being protected, and what the key benefits are – aside from just the stuff they mentioned at the Surface Laptop launch.

Second, they need to make it easier to switch 10 S on and off as required. Right now, if users want to downgrade from Windows 10 Pro to Windows 10 S, they need to do a clean install, and all their data is wiped clean from the machine. That’s not unusual, since downgrades usually require a clean install, but it’s not the ideal solution when you want to install just a few outside applications and then lock down the system once you’re done.

Third, there needs to be more consistency around Windows 10 S security. Letting Word macros run but restricting command prompt or PowerShell or Bash is basically contradictory.

The fact that Microsoft hasn’t clarified a lot of things around Windows 10 S leads us to believe that this is still a work in progress. Surface Laptops only started shipping out on June 15, and users are just getting comfortable with how Windows 10 S works and how these restrictions actually protect them from bad actors trying to infect their systems.

Even the decision to provide a recovery image for users who want to downgrade to Windows 10 Pro after upgrading for free was a last-minute one that was deployed after pre-orders started coming in and units started shipping out.

This was the original plan:

Windows 10 S to Windows 10 Pro

It appears that there’s still some work to be done on Windows 10 S. In fact, we’re pretty sure that there will be some important security updates coming through very soon that may restrict Word macros from running. However, Microsoft may not revoke the administrator privileges on Windows 10 S, which means a gaping security hole will still remain.

For now, we’ll have to wait for Microsoft’s next move with Windows 10 S.

Thanks for visiting! Would you do us a favor? If you think it’s worth a few seconds, please like our Facebook page and follow us on TwitterIt would mean a lot to us.

Sources: Microsoft, ArsTechnica, ZDNet