Hackers Can Use Windows 11 Power Automate Tool!

According to security researchers, the Power Automate feature, which provides great convenience to Windows 11 users, can also be used by malicious people to achieve their purposes more easily.
 Hackers Can Use Windows 11 Power Automate Tool!
READING NOW Hackers Can Use Windows 11 Power Automate Tool!

Microsoft’s new operating system Windows 11 came with many new features. Studies on the use of these features continue. According to a cyber security firm, a feature of the new operating system is also suitable for use by malicious people.

Windows 11 comes with a feature called Power Automate in itself. Although this feature solves many problems and provides an easier experience for users, it has the potential to cause serious security vulnerabilities if malicious people access it.

What is the Power Automate tool, what does it do?

Thanks to this feature, we can leave some things to automation. Thus, Windows 11 prevents us from having to deal with ordinary operations over and over again. For example, if our work requires taking a backup of 1 table per hour, thanks to this feature, the operating system takes a backup without us having to deal with it. The Power Automate feature includes backing up files, converting batches of files, moving datasets between programs, automating actions over the cloud in a network, and more.

While there are various presets within the app, users can also customize their own automations. The feature, which can be used almost without knowing any coding, is expected to reach great popularity.

Michael Bargury, CTO of security firm Zenity, says that malicious people who can access this feature can spread malware faster thanks to automation. He even published the code that could perform this attack under the name Power Pwn.

For this vulnerability to work, malicious people must already have access to someone’s computer or be on a public network. If an attacker manages to access or create an account with administrative permissions, they can use automation to spread ransomware or steal verification codes. Moreover, since the malware will come directly from Microsoft, it will be difficult to detect it.

Microsoft, on the other hand, says that a fully updated system can withstand such an attack, and networks can also detect and isolate infiltrated systems with registry entries. However, for these security measures to be effective, people need to be careful.

Comments
Leave a Comment

Details
258 read
okunma10222
0 comments