According to Sami Laiho
Every Windows 10 in-place Upgrade is a SEVERE Security risk
This is a big issue and it has been there for a long time. Just a month ago I finally got verification that the Microsoft Product Groups not only know about this but that they have begun working on a fix. As I want to be known as a white hat I had to wait for this to happen before I blog this.
There is a small but CRAZY bug in the way the "Feature Update" (previously known as "Upgrade") is installed.
The installation of a new build is done by reimaging the machine, and the image is installed by a small version of Windows called Windows PE (Preinstallation Environment).
This has a feature for troubleshooting that allows you to press SHIFT+F10 to get a Command Prompt.
This sadly allows for access to the hard disk as during the upgrade Microsoft disables BitLocker. I demonstrate this in the following video.
This would take place when you take the following update paths:
- Windows 10 RTM --> 1511 or 1607 release (November Update or Anniversary Update)
- Any build to a newer Insider Build (up to end of October 2016 at least)
The real issue here is the Elevation of Privilege that takes a non-admin to SYSTEM (the root of Windows) even on a BitLocker (Microsoft's hard disk encryption) protected machine.
And of course that this doesn't require any external hardware or additional software.
It's just a crazy bug, I would say.
http://blog.win-fu.com/2016/11/every-windows-10-in-place-upgrade-is.html
My conclusion to this:
- do not leave your computer alone while your upgrades are processing;
- avoid downloading the upgrades as long as you can;
- have backups kept current;
- have a good anti-virus and keep it currently upgraded;
- cross your fingers.