Windows error reports are sent in the clear. Websense represents a risk to more than one billion Windows computers worldwide. NSA knows about a prior advantage.
Windows Error Reporting is a feature of Windows that allows a user to report bugs to Microsoft. But security researchers from Websense also presented a flaw in the extent of information transmitted in the clear.
This data is sent to a Windows crash, but also when changing equipment. Websense says they are transmitted via HTTP and include timestamp information, the hardware manufacturer and the identifier, as well as information about the version of the default language of OS, service pack, the device status, BIOS version, unique identifier of the machine, etc.
For researchers at Websense, it is a risk of leakage of data that can be useful to attackers if they are intercepted. They can help to find and exploit vulnerabilities on a system that is vulnerable.
According to Websense, 80% of all connected PCs use Windows Error Reporting, more than one billion worldwide. Unlike bug reports for applications, the Windows Error Reporting feature is enabled by default. System administrators must make the effort to refuse shipments.
Certainly, the interception of data is not within the reach of anybody. However, according to the latest revelations related to documents leaked by Edward Snowden, elite hackers of the NSA found an interest in the bug reports.
For them, it is a passive access to a machine with error messages that are interesting information to target security holes later and inject malicious or spyware software on a machine.
