Vulnerability Test for Windows 10
VerifiedAdded on 2023/04/11
|14
|1689
|285
AI Summary
This document discusses the vulnerabilities of Windows 10 operating system and provides insights into conducting a vulnerability test. It explores the risks associated with these vulnerabilities and offers recommendations for protecting your system.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: VULNERABILITY TEST FOR WINDOWS 10
Vulnerability test for windows 10
Name of the student:
Name of the university:
Author note:
Vulnerability test for windows 10
Name of the student:
Name of the university:
Author note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
VULNERABILITY TEST FOR WINDOWS 10
Table of Contents
Introduction................................................................................................................................3
Discussion..................................................................................................................................4
Research into Windows 10 vulnerability...................................................................................4
Internet Explorer Vulnerabilities (MS15-079).......................................................................4
Windows 10 Wi-Fi sense sharing contact..............................................................................4
Vulnerability test rationale.........................................................................................................4
Methodology..............................................................................................................................5
Setup.......................................................................................................................................5
Test Execution........................................................................................................................5
Vulnerability Analysis...........................................................................................................6
Reporting................................................................................................................................6
Remediation...........................................................................................................................6
Detailed findings........................................................................................................................6
Source of the vulnerability.........................................................................................................6
Microsoft Font Driver............................................................................................................7
Microsoft Edge.......................................................................................................................7
Windows 10 Mount Manager.................................................................................................7
Likelihood of vulnerability........................................................................................................8
Summary....................................................................................................................................8
Recommendations......................................................................................................................9
Appendix....................................................................................................................................9
VULNERABILITY TEST FOR WINDOWS 10
Table of Contents
Introduction................................................................................................................................3
Discussion..................................................................................................................................4
Research into Windows 10 vulnerability...................................................................................4
Internet Explorer Vulnerabilities (MS15-079).......................................................................4
Windows 10 Wi-Fi sense sharing contact..............................................................................4
Vulnerability test rationale.........................................................................................................4
Methodology..............................................................................................................................5
Setup.......................................................................................................................................5
Test Execution........................................................................................................................5
Vulnerability Analysis...........................................................................................................6
Reporting................................................................................................................................6
Remediation...........................................................................................................................6
Detailed findings........................................................................................................................6
Source of the vulnerability.........................................................................................................6
Microsoft Font Driver............................................................................................................7
Microsoft Edge.......................................................................................................................7
Windows 10 Mount Manager.................................................................................................7
Likelihood of vulnerability........................................................................................................8
Summary....................................................................................................................................8
Recommendations......................................................................................................................9
Appendix....................................................................................................................................9
2
VULNERABILITY TEST FOR WINDOWS 10
References................................................................................................................................10
VULNERABILITY TEST FOR WINDOWS 10
References................................................................................................................................10
3
VULNERABILITY TEST FOR WINDOWS 10
Introduction
Software vulnerability is the weakness of any software that makes the system security
under risk (Younis et al, 2016). Vulnerability of software testing has two mechanism mainly
one is Penetration Testing and Vulnerability Assessment. There are four components of
vulnerability testing of software named as active, passive, networking and distributed testing.
This document will discuss about the vulnerabilities of windows 10 operating system,
Investigation of vulnerabilities in windows 10 operating system what are the risk assessment
are there how they are making system under highly risk. Along with the list of vulnerability
test and the procedure of testing with strong evidence of this report study will be given.
Discussion
Research into Windows 10 vulnerability
In the updated windows 10 version still there are numbers of vulnerability present in
the software that needs to be eliminated from the system (Allodi, 2015). Few of the common
vulnerabilities are mentioned below.
Windows 10 Wi-Fi sense sharing contact
In the windows 10 operating system, this system automatically shares Wi-Fi
credentials with Facebook, Skype and outlook contacts apparently to make hotspot and Wi-Fi
sharing in an easy way (Krit and Haimoud, 2016). The mentioned contacts can jump into the
Wi-Fi network without having any authorization. This unauthorized permission will lead to
compromise with security.
Vulnerability test rationale
Process of testing vulnerability consist of some steps that are as follows, Goals &
Objectives, Scope, Information Gathering, Vulnerability Detection and Information Analysis
VULNERABILITY TEST FOR WINDOWS 10
Introduction
Software vulnerability is the weakness of any software that makes the system security
under risk (Younis et al, 2016). Vulnerability of software testing has two mechanism mainly
one is Penetration Testing and Vulnerability Assessment. There are four components of
vulnerability testing of software named as active, passive, networking and distributed testing.
This document will discuss about the vulnerabilities of windows 10 operating system,
Investigation of vulnerabilities in windows 10 operating system what are the risk assessment
are there how they are making system under highly risk. Along with the list of vulnerability
test and the procedure of testing with strong evidence of this report study will be given.
Discussion
Research into Windows 10 vulnerability
In the updated windows 10 version still there are numbers of vulnerability present in
the software that needs to be eliminated from the system (Allodi, 2015). Few of the common
vulnerabilities are mentioned below.
Windows 10 Wi-Fi sense sharing contact
In the windows 10 operating system, this system automatically shares Wi-Fi
credentials with Facebook, Skype and outlook contacts apparently to make hotspot and Wi-Fi
sharing in an easy way (Krit and Haimoud, 2016). The mentioned contacts can jump into the
Wi-Fi network without having any authorization. This unauthorized permission will lead to
compromise with security.
Vulnerability test rationale
Process of testing vulnerability consist of some steps that are as follows, Goals &
Objectives, Scope, Information Gathering, Vulnerability Detection and Information Analysis
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
VULNERABILITY TEST FOR WINDOWS 10
& Planning. In the planning section, it consist of the goals and objectives of vulnerability
analysis (Henard et al, 2016). Scopes are the clearly defined scope of the given task and it
consist of three following phase.
1. Black Box testing: In this testing process (Jan et al, 2016), testing is done without
having prior knowledge of the internal system and network and it is done from
outside.
2. White Box testing: Testing with having knowledge of the internal system and it is
done from inside the system is known as testing white box.
3. Grey Box Testing: Mixture of white and black box testing that can be perform from
either internal or external networks, is known as grey box testing.
Information Gathering is to gain knowledge of the IT field as much as possible such as IP
address, Networks, Version of the operating system etc. This information gathering is
necessary for all three testing White, Black and Grey. In the Vulnerability detection process,
scanners are used for vulnerability and it will scan IT environment and gives the report of
vulnerability. In the last phase of information planning and analysis, this will analyse the
vulnerabilities identified to penetrate into the system and network.
VULNERABILITY TEST FOR WINDOWS 10
& Planning. In the planning section, it consist of the goals and objectives of vulnerability
analysis (Henard et al, 2016). Scopes are the clearly defined scope of the given task and it
consist of three following phase.
1. Black Box testing: In this testing process (Jan et al, 2016), testing is done without
having prior knowledge of the internal system and network and it is done from
outside.
2. White Box testing: Testing with having knowledge of the internal system and it is
done from inside the system is known as testing white box.
3. Grey Box Testing: Mixture of white and black box testing that can be perform from
either internal or external networks, is known as grey box testing.
Information Gathering is to gain knowledge of the IT field as much as possible such as IP
address, Networks, Version of the operating system etc. This information gathering is
necessary for all three testing White, Black and Grey. In the Vulnerability detection process,
scanners are used for vulnerability and it will scan IT environment and gives the report of
vulnerability. In the last phase of information planning and analysis, this will analyse the
vulnerabilities identified to penetrate into the system and network.
5
VULNERABILITY TEST FOR WINDOWS 10
Methodology
Remote code execution vulnerability in windows 10
VULNERABILITY TEST FOR WINDOWS 10
Methodology
Remote code execution vulnerability in windows 10
6
VULNERABILITY TEST FOR WINDOWS 10
VULNERABILITY TEST FOR WINDOWS 10
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
VULNERABILITY TEST FOR WINDOWS 10
VULNERABILITY TEST FOR WINDOWS 10
8
VULNERABILITY TEST FOR WINDOWS 10
Detailed findings
Source of the vulnerability
Main source to find this vulnerability is GitStack software. Along with using GitStack
this testing is performed using shell, virtual box. This test is done using the ip address of the
system network and creating an account from the attacker side and taking all the access in the
VULNERABILITY TEST FOR WINDOWS 10
Detailed findings
Source of the vulnerability
Main source to find this vulnerability is GitStack software. Along with using GitStack
this testing is performed using shell, virtual box. This test is done using the ip address of the
system network and creating an account from the attacker side and taking all the access in the
9
VULNERABILITY TEST FOR WINDOWS 10
system as administrator. This vulnerability has granted full access in the system that is read
and write both. This remote code execution vulnerability exists in windows 10. This will take
place when the database engine is handled in a misguided way in the memory. This
vulnerability effects the operating system that is windows 10. This vulnerability cause if the
talent services is treated improperly and this will allow the system to remote code execution
in the operating system that will reveal all the system information.
Impact of this vulnerability
Source code execution allow unauthorized user to get some sensitive information that
may be related with the database credentials or the information about the functionality of the
web browser. This vulnerability will show the system information and that will cause in
disclosure of system files transparent to the user and that will result compromising with
system files. It becomes very easier for attackers if they can get somehow the system
information because at that time they will have all the necessary information related with the
system and this will make the system very weak to protect from attacks. If the system is
connected with more than one machine then the chances are very high that the entire system
which is connected together will be under attack and this will make a very big impact on the
organization as it will reveal the organization system information.
Likelihood of the vulnerability being exploited
Likelihood for the source code execution in windows 10 operating system is
compromising of losing system information and may also lose control of system form the
hacker. Source code execution share the detail information of the system that makes the files
and information available for the attacker and if the single machine is under attack and that
machine is connected with more number of machines then it becomes very easy to reveal the
entire system information and making the organization under high risk. It is very likely that
VULNERABILITY TEST FOR WINDOWS 10
system as administrator. This vulnerability has granted full access in the system that is read
and write both. This remote code execution vulnerability exists in windows 10. This will take
place when the database engine is handled in a misguided way in the memory. This
vulnerability effects the operating system that is windows 10. This vulnerability cause if the
talent services is treated improperly and this will allow the system to remote code execution
in the operating system that will reveal all the system information.
Impact of this vulnerability
Source code execution allow unauthorized user to get some sensitive information that
may be related with the database credentials or the information about the functionality of the
web browser. This vulnerability will show the system information and that will cause in
disclosure of system files transparent to the user and that will result compromising with
system files. It becomes very easier for attackers if they can get somehow the system
information because at that time they will have all the necessary information related with the
system and this will make the system very weak to protect from attacks. If the system is
connected with more than one machine then the chances are very high that the entire system
which is connected together will be under attack and this will make a very big impact on the
organization as it will reveal the organization system information.
Likelihood of the vulnerability being exploited
Likelihood for the source code execution in windows 10 operating system is
compromising of losing system information and may also lose control of system form the
hacker. Source code execution share the detail information of the system that makes the files
and information available for the attacker and if the single machine is under attack and that
machine is connected with more number of machines then it becomes very easy to reveal the
entire system information and making the organization under high risk. It is very likely that
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10
VULNERABILITY TEST FOR WINDOWS 10
the browser information will be revealed also and that will result in loosing critical
information like user id, password and other information.
Summary
This document is about the vulnerability of the windows 10 operating system. How
the system is being attacked by hackers, due to vulnerabilities and how it is making security
issues. This report has also discussed about how vulnerability testing is done, what are the
methodology are there and the impacts of these vulnerability in the operating system. From
the above discussed points it can be said that windows 10 is still not fully safe from hackers
and there are number of vulnerability present in the system such as Microsoft Edge, Wi-Fi
sense, Mount manager, etc. and this is also making organizations under risk. All these are
making a hole for the attackers to enter into the victim’s system. Likelihood of vulnerability
increase the other system also in danger that are connected with the attacked system. These
vulnerabilities can be eliminated by updating software as released by the Microsoft patches
and updates.
Recommendations
From the above study of this report, Recommendations to keep the system away from
vulnerability and not be attacked by the hacker are mentioned below. Always check for
updates that are available in the official store only that is from Microsoft. Use trusted
antivirus to let this antivirus deal with the situation if any error or mistake is done so that
system will have a backup to not to get from any malicious attack. Antiviruses also need to be
updated to have the latest information about the threats and perform task well. In case a
system get attacked by the hacker or any unauthorized access it is highly recommended to
unplug the system from network and make sure that it is not connected with any other device
because there will be very likely that the connected device may get attacked as well. Do not
VULNERABILITY TEST FOR WINDOWS 10
the browser information will be revealed also and that will result in loosing critical
information like user id, password and other information.
Summary
This document is about the vulnerability of the windows 10 operating system. How
the system is being attacked by hackers, due to vulnerabilities and how it is making security
issues. This report has also discussed about how vulnerability testing is done, what are the
methodology are there and the impacts of these vulnerability in the operating system. From
the above discussed points it can be said that windows 10 is still not fully safe from hackers
and there are number of vulnerability present in the system such as Microsoft Edge, Wi-Fi
sense, Mount manager, etc. and this is also making organizations under risk. All these are
making a hole for the attackers to enter into the victim’s system. Likelihood of vulnerability
increase the other system also in danger that are connected with the attacked system. These
vulnerabilities can be eliminated by updating software as released by the Microsoft patches
and updates.
Recommendations
From the above study of this report, Recommendations to keep the system away from
vulnerability and not be attacked by the hacker are mentioned below. Always check for
updates that are available in the official store only that is from Microsoft. Use trusted
antivirus to let this antivirus deal with the situation if any error or mistake is done so that
system will have a backup to not to get from any malicious attack. Antiviruses also need to be
updated to have the latest information about the threats and perform task well. In case a
system get attacked by the hacker or any unauthorized access it is highly recommended to
unplug the system from network and make sure that it is not connected with any other device
because there will be very likely that the connected device may get attacked as well. Do not
11
VULNERABILITY TEST FOR WINDOWS 10
plug in any device, which is having sensitive information in the system, first it is
recommended to remove and make sure that the system is free from threats.
Appendix
Prioritizing the resources is the management of resources and allocating them as per
the demand and time consuming. If two objects are asking for the same resource at the same
time then it will be given to the object who is having higher degree of priority.
VULNERABILITY TEST FOR WINDOWS 10
plug in any device, which is having sensitive information in the system, first it is
recommended to remove and make sure that the system is free from threats.
Appendix
Prioritizing the resources is the management of resources and allocating them as per
the demand and time consuming. If two objects are asking for the same resource at the same
time then it will be given to the object who is having higher degree of priority.
12
VULNERABILITY TEST FOR WINDOWS 10
References
Allodi, L., 2015, March. The heavy tails of vulnerability exploitation. In International
Symposium on Engineering Secure Software and Systems (pp. 133-148). Springer,
Cham.
Calzavara, S., Rabitti, A. and Bugliesi, M., 2016, October. Content security problems?:
Evaluating the effectiveness of content security policy in the wild. In Proceedings of
the 2016 ACM SIGSAC Conference on Computer and Communications Security (pp.
1365-1375). ACM.
Garousi, V. and Mäntylä, M.V., 2016. A systematic literature review of literature reviews in
software testing. Information and Software Technology, 80, pp.195-216.
Gupta, R.K., Janumahanthi, S.K., Nagesh, M.V.G.V., Somisetty, V.R., Thota, P. and Vb,
V.K., International Business Machines Corp, 2015. End to end testing automation and
parallel test execution. U.S. Patent 9,032,373.
Henard, C., Papadakis, M., Harman, M., Jia, Y. and Le Traon, Y., 2016, May. Comparing
white-box and black-box test prioritization. In 2016 IEEE/ACM 38th International
Conference on Software Engineering (ICSE) (pp. 523-534). IEEE.
Jamil, M.A., Arif, M., Abubakar, N.S.A. and Ahmad, A., 2016, November. Software Testing
Techniques: A Literature Review. In 2016 6th International Conference on
Information and Communication Technology for The Muslim World (ICT4M)(pp.
177-182). IEEE.
Jan, S.R., Shah, S.T.U., Johar, Z.U., Shah, Y. and Khan, F., 2016. An innovative approach to
investigate various software testing techniques and strategies. International Journal of
VULNERABILITY TEST FOR WINDOWS 10
References
Allodi, L., 2015, March. The heavy tails of vulnerability exploitation. In International
Symposium on Engineering Secure Software and Systems (pp. 133-148). Springer,
Cham.
Calzavara, S., Rabitti, A. and Bugliesi, M., 2016, October. Content security problems?:
Evaluating the effectiveness of content security policy in the wild. In Proceedings of
the 2016 ACM SIGSAC Conference on Computer and Communications Security (pp.
1365-1375). ACM.
Garousi, V. and Mäntylä, M.V., 2016. A systematic literature review of literature reviews in
software testing. Information and Software Technology, 80, pp.195-216.
Gupta, R.K., Janumahanthi, S.K., Nagesh, M.V.G.V., Somisetty, V.R., Thota, P. and Vb,
V.K., International Business Machines Corp, 2015. End to end testing automation and
parallel test execution. U.S. Patent 9,032,373.
Henard, C., Papadakis, M., Harman, M., Jia, Y. and Le Traon, Y., 2016, May. Comparing
white-box and black-box test prioritization. In 2016 IEEE/ACM 38th International
Conference on Software Engineering (ICSE) (pp. 523-534). IEEE.
Jamil, M.A., Arif, M., Abubakar, N.S.A. and Ahmad, A., 2016, November. Software Testing
Techniques: A Literature Review. In 2016 6th International Conference on
Information and Communication Technology for The Muslim World (ICT4M)(pp.
177-182). IEEE.
Jan, S.R., Shah, S.T.U., Johar, Z.U., Shah, Y. and Khan, F., 2016. An innovative approach to
investigate various software testing techniques and strategies. International Journal of
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13
VULNERABILITY TEST FOR WINDOWS 10
Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN,
pp.2395-1990.
Krit, S.D. and Haimoud, E., 2016, September. Review on the IT security: Attack and defense.
In 2016 International Conference on Engineering & MIS (ICEMIS) (pp. 1-12). IEEE.
Litchfield, A. and Shahzad, A., 2018. Vulnerability and Risk Assessment of XEN
Hypervisor.
Madhukar, A., EMC Corp, 2015. Using font information installed in an operating system to
intercept text being printed. U.S. Patent 9,013,732.
Silberschatz, A., Gagne, G. and Galvin, P.B., 2018. Operating system concepts. Wiley.
Younis, A., Malaiya, Y.K. and Ray, I., 2016. Assessing vulnerability exploitability risk using
software properties. Software Quality Journal, 24(1), pp.159-202.
VULNERABILITY TEST FOR WINDOWS 10
Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN,
pp.2395-1990.
Krit, S.D. and Haimoud, E., 2016, September. Review on the IT security: Attack and defense.
In 2016 International Conference on Engineering & MIS (ICEMIS) (pp. 1-12). IEEE.
Litchfield, A. and Shahzad, A., 2018. Vulnerability and Risk Assessment of XEN
Hypervisor.
Madhukar, A., EMC Corp, 2015. Using font information installed in an operating system to
intercept text being printed. U.S. Patent 9,013,732.
Silberschatz, A., Gagne, G. and Galvin, P.B., 2018. Operating system concepts. Wiley.
Younis, A., Malaiya, Y.K. and Ray, I., 2016. Assessing vulnerability exploitability risk using
software properties. Software Quality Journal, 24(1), pp.159-202.
1 out of 14
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.