According to security researchers, the Power Automate feature, which provides great convenience to Windows 11 users, can also be used by malicious people to achieve their purposes more easily.
Microsoft’s new operating system Windows 11 It comes with many new features. Studies on the use of these features continue. According to a cyber security firm, a feature of the new operating system is also suitable for use by malicious people.
Windows 11 in itself Power Automate It comes with a feature called Although this feature solves many problems and provides an easier experience for users, it has the potential to cause serious security vulnerabilities if malicious people access it.
What is the Power Automate tool, what does it do?
Thanks to this feature, we can leave some things to automation. Thus, Windows 11 prevents us from having to deal with ordinary operations over and over again. For example, if our work requires 1 table backup per hour, this feature without our hassle the operating system takes a backup. The Power Automate feature includes backing up files, converting batches of files, moving datasets between programs, automating actions over the cloud in a network, and more.
Various presets within the application presets Users can also edit the automations they want. The feature, which can be used almost without knowing any coding, is expected to reach great popularity.
CTO of security firm Zenity Michael Bargurysays that malicious people who can access this feature can spread malware faster thanks to automation. Even the code that can perform this attack PowerPwn was published under the name.
For this gap to work malicious people someone must already have access to their computer or be on a public network. If an attacker manages to access or create an account with administrative permissions, they can use automation to spread ransomware or steal verification codes. Moreover, here the malware is directly as signed by Microsoft It will also be difficult to detect for the future.
Microsoft is against this kind of attack of a fully updated system. that you can resist and networks can also detect and isolate infiltrated systems with registry entries. However, for these security measures to be effective, people need to be careful.
Source :
https://www.techspot.com/news/95858-security-researchers-successfully-hijack-windows-11-power-automate.html