Windows downdate
Alon Leviev, a security researcher at SafeBreach, has unveiled a technique that lets malicious actors manipulate the Windows Update process to downgrade critical system components, rendering security patches useless.
“With Windows Downdate, I was able to take full control of the Windows Update process, downgrading key OS components, including DLLs, drivers, and even the NT kernel,” Leviev said while presenting his research at the just concluded Black Hat conference. “This allowed me to bypass all verification steps and make a fully patched Windows machine susceptible to thousands of past vulnerabilities.”
https://www.csoonline.com/article/3484624/back-to-the-future-windows-update-is-now-a-trojan-horse-for-hackers.html
I know that your computer can be accessed over the internet if a malicious file gets into your system that gives the person access, I don't know of a website you could access that would download a file to you, I do know if you get a phishing scan email and click any of the links you're in trouble, but I know what the scam emails look like.
So I'm not understanding how this affects me? If I don't go to websites that could harm my computer, and I don't mess with any of the scam emails, this doesn't affect me, right?
And for someone to get through over Wi-Fi, they would have to be standing outside our house and somehow get through the password on it.
“With Windows Downdate, I was able to take full control of the Windows Update process, downgrading key OS components, including DLLs, drivers, and even the NT kernel,” Leviev said while presenting his research at the just concluded Black Hat conference. “This allowed me to bypass all verification steps and make a fully patched Windows machine susceptible to thousands of past vulnerabilities.”
https://www.csoonline.com/article/3484624/back-to-the-future-windows-update-is-now-a-trojan-horse-for-hackers.html
I know that your computer can be accessed over the internet if a malicious file gets into your system that gives the person access, I don't know of a website you could access that would download a file to you, I do know if you get a phishing scan email and click any of the links you're in trouble, but I know what the scam emails look like.
So I'm not understanding how this affects me? If I don't go to websites that could harm my computer, and I don't mess with any of the scam emails, this doesn't affect me, right?
And for someone to get through over Wi-Fi, they would have to be standing outside our house and somehow get through the password on it.
M