Researcher Took Control of Microsoft's Live Tile Service, Defacement PoC Demoed

More from: | Bleeping Computer |
0

Microsoft has recently lost control of the subdomain used to deliver content to Windows Live Tiles (also known as Windows Start Screen tiles), as discovered by Golem.de journalist and security researcher Hanno Böck.

The Live Tiles which were initially introduced in Windows 8 receive new content updates from the notifications.buildmypinnedsite.com with the help of RSS feeds.

As the researcher explains, “With a special XML-based file format, web pages can control the content of the tiles; for example, they can show the latest news. To make it easier for web pages to provide this function, Microsoft ran a service that automatically converted RSS feeds into that special XML format.”

Windows Live Tiles notification feeds on Mail.ru

Böck was able to take control of

(...)

Read full article » https://www.bleepingcomputer.com/news/security/researcher-took-control-of-microsofts-live-tile-service-defacement-poc-demoed/


About | Bleeping Computer |

Bleeping Computer® is a technical support site and a self-education tool for the novice user to learn basic concepts about Computer Technology. Our focus is to allow the novice computer user to be able to have a place that they can come and discuss computer/technology problems with their peers and at the same time have a rich resource in which to learn the "basics" about computers and technology.

We have found, with our extensive experience in helping users, whether they be family, friends, coworkers, or clients, that most technical support problems lie not with the computer, but with the fact that the user does not know the "basic concepts" that underlie all issues of computing. These concepts include hardware, files and folders, operating systems, Internet, and applications.

»Twitter: @BleepinComputer »Facebook: @BleepingComputer »YouTube: BleepingComputer