A new discovery that the AI-enabled feature’s historical data can be accessed even by hackers without administrator privileges only contributes to the growing sense that the feature is a “dumpster fire.”
Not surprising. If there’s a way for a non-admin user to use this, it means there’s probably a way for a non-admin process to access the data.
Even if if were more secure, there’s probably plenty of ways for attackers to escalate privileges to admin.
The bigger issue is Microsoft providing an official tool for snooping on user activity. Malware won’t have to install their own, and recall taking screenshots periodically won’t be considered anomalous behaviour since it’s an official Microsoft service.
Not surprising. If there’s a way for a non-admin user to use this, it means there’s probably a way for a non-admin process to access the data.
Even if if were more secure, there’s probably plenty of ways for attackers to escalate privileges to admin.
The bigger issue is Microsoft providing an official tool for snooping on user activity. Malware won’t have to install their own, and recall taking screenshots periodically won’t be considered anomalous behaviour since it’s an official Microsoft service.
The article describes a tool that grabs the data without admin privileges, but yes, there are methods used by current malware to escalate privileges.