Microsoft's lack of security angers me; virus got in from Start Menu news blocks in Win10

VirtualLarry · Nov 2, 2019

This has happened to a relative TWICE now, the Start Menu in Win10 shows blocks "of interest", news articles, pictures, says bottom blocks says "News", with constantly changing pics.

This relative has clicked on it frequently, 4-8 times a day, to "read news".

This last time, it came on with a voice warning, about "Your computer is locked", etc., etc. Yeah, one of those.

I thought that all of those blocks came through the Windows Store to get onto the Start Menu, and that they were VETTED. So much for MS's crappy security.

So BE AWARE, CLICKING ON START MENU ITEMS CAN LEAD TO VIRUSES AND MALWARE ON WIN10.

crashtech · Nov 2, 2019

I don't use the Start Menu that way, but I would have to guess that it's a browser exploit, since "Pin to Start" is a menu option in MS browsers.

Micrornd · Nov 3, 2019

VirtualLarry said:
This last time, it came on with a voice warning, about "Your computer is locked", etc., etc.

You left out the rest of the story.
A page like that just appearing doesn't install a virus.
It's what you do after that, that may lead to an exploit.
You need to teach your relative how to close the page and move on from there.

mxnerd · Nov 3, 2019

What you see probably is not virus, just pop up ads messages.

I always use Open Shell Menu and never give a dxxn about MS Start Menu, which is a disaster till this day.

Releases · Open-Shell/Open-Shell-Menu

Classic Shell Reborn. Contribute to Open-Shell/Open-Shell-Menu development by creating an account on GitHub.

github.com

RLGL · Nov 3, 2019

I have gotten that message several times while at the msn news sight. Shut down and restart time with the power button.

JackMDS · Nov 3, 2019

Just like people have to learn what part of town to avoid, whick Bars and Restaurant are not a Good choice, they have to learn where to Go to or Not an Internet.

In general we got to a Very Rocky Historical Period in our live. I.e., take of the personal responsibity off and always blame other ofr any of our unfortunate decisions.

So... teach them how to use smarter the computer and its software.

VirtualLarry · Nov 3, 2019

Micrornd said:
You left out the rest of the story.
A page like that just appearing doesn't install a virus.
It's what you do after that, that may lead to an exploit.
You need to teach your relative how to close the page and move on from there.

RLGL said:
I have gotten that message several times while at the msn news sight. Shut down and restart time with the power button.

That's what the relative does, but @Micrornd , you don't fully grasp the situation. Maybe it's like that on Linux, but when those "bad ads" hit on Windows, they are usually deployed with an exploit package, and whatever exploits are active on the system DO get exploited, and the malware worms its way into the system, regardless of what you do.

And for the record, the first time it happened, the relative shut off their computer with the power button. It didn't come back.

This second time, they did the same thing, and when they rebooted, there was some message on the screen about it again.

Look, I've dealt with cleaning these sorts of malwares off of Windows' PCs before. Not all of them are just simply "harmless ads". Some are, some aren't.

If you were running Linux, much easier to escape being exploited by one of these. But Windows'? Good luck.

VirtualLarry · Nov 3, 2019

JackMDS said:
Just like people have to learn what part of town to avoid, whick Bars and Restaurant are not a Good choice, they have to learn where to Go to or Not an Internet.

In general we got to a Very Rocky Historical Period in our live. I.e., take of the personal responsibity off and always blame other ofr any of our unfortunate decisions.

So... teach them how to use smarter the computer and its software.

That's what I'm getting at, Jack.

This is NOT about "going somewhere 'bad' on the internet".

This is about a naive user, clicking on a "News" square block on their PC's Start Menu. Stuff that's SUPPOSED TO BE SAFE TO CLICK ON.

This is Microsoft's fault.

Commodus · Nov 3, 2019

Or, one reason why I'm happy to both use a Mac and recommend them to people who don't have a specific reason to use Windows. Yeah, most of the people who'd post here can avoid that crap, but it's nice to have a platform where that wouldn't be an issue in the first place.

whm1974 · Nov 3, 2019

@VirtualLarry Put your relative on a New User Friendly Linux Distro and show Him/Her how to get started and both of you will live happy forever.

balloonshark · Nov 3, 2019

When I first booted up a copy of Windows 10 the first thing I did was shut all that crap off and everything else I could in PC Settings. Windows should stick to being an OS to run 3rd party programs and if they want to run an app store it should be a separate optional install.

JEDIYoda · Nov 12, 2019

I have never ever had that problem you are describing Virtual one!! A solution to your issue though is to disable those boxes or delete them off the system!! I never did like those boxes when I go into my start menu...

Micrornd · Nov 12, 2019

VirtualLarry said:
That's what the relative does, but @Micrornd , you don't fully grasp the situation. Maybe it's like that on Linux, but when those "bad ads" hit on Windows, they are usually deployed with an exploit package, and whatever exploits are active on the system DO get exploited, and the malware worms its way into the system, regardless of what you do.

And for the record, the first time it happened, the relative shut off their computer with the power button. It didn't come back.

This second time, they did the same thing, and when they rebooted, there was some message on the screen about it again.

Look, I've dealt with cleaning these sorts of malwares off of Windows' PCs before. Not all of them are just simply "harmless ads". Some are, some aren't.

If you were running Linux, much easier to escape being exploited by one of these. But Windows'? Good luck.

I do grasp the situation fully.
If your relatives are still using IE, that's 90% of the problem
I don't run Linux or know anything about it, I only run Windows.
I use no anti-virus software other than the stock Windows Defender.
I go many, many places on the net that I sincerely hope your relatives never go to

I have yet to have any exploit from one of the type of sites you describe, by the page simply appearing and freezing Edge.
It always requires some form of additional input to exploit.
It is a rather simple malware.

To back out properly without exploits -
When the page appears, do not click on anything.
Note the tab description of the page in question.
Ctrl-Shft-Esc, Apps, expand Microsoft Edge, "end task" (right click) the page in question (the noted tab description), "end task" "the page has a problem" (or similar description that results from ending the page in question), "end task" Microsoft Edge.
Restart Edge, as the page(s) are loading, close the tab of the page in question before it loads completely (that's why you note the tab description above).
Restart Edge and browse normally, do not go back to the page in question to see if it was a mistake, it wasn't (if you do go back to that page, start the "back out" from the beginning again).

That routine has always worked here, without fail, for the type of pages you describe.
Try it for yourself.

VirtualLarry · Nov 12, 2019

Micrornd said:
If your relatives are still using IE, that's 90% of the problem

This is NOT IE, this is MS's "News Reader App".
(Edit: And for the record, they use Firefox, and not IE.)

Micrornd said:
It always requires some form of additional input to exploit.
It is a rather simple malware.

Depends. Some just lock the browser/screen, and ask you to call a number, and then they socially-engineer you, and get your CC # to "Fix" the "problem".

Other times, those pages are delivered with encrypted JavaScript ready-made exploit packages, and if you're running in an Admin account, will take over your PC. No user input required.

Not to mention, "WebAssembly".

I think that you are being a bit closed-minded, as to the cause and possibilities with malware these days on the internet. Or hopelessly naive. (That the user must somehow provide input, or "Activate" the exploit, that there is no such thing as a silently-exploitable codebase, or shell scripts, or whatever. Keep living in your bubble.)

Edit: Perhaps the only reason that you haven't been explicitly exploited, is because you either surf from a non-Admin account, or Edge fairly cutting-edge sandboxing technologies are blocking the most common exploit packages. If you were using IE, and surfing from an Admin account, no doubt that you would be 0wn3d.

Does MS's "News app" use their browser engine behind-the-scenes? You can't bookmark the News stories that appear, that I am aware of.

Red Squirrel · Nov 12, 2019

When I encounter a windows 10 PC one of the first things I do is install Classic Shell and get rid of that terrible advertisement ridden start menu.

It is pretty bad that MS is not vetting the advertisers better though... Sadly not surprising.

Shmee · Nov 13, 2019

I am not sure this is an MS problem, more of an Ads are bad problem. I use chrome, I use ublock origin, and this helps prevent popups and ads. I also use windows 10 but I remove all the default buttons on the start menu and turn off Cortana and various other stuffs.

I do believe both of you are possibly correct. Sometimes what you mention is just a hijacked browser (IE, edge) but sometimes the malware actually gets on the local drive and infects the computer.

Search

Microsoft's lack of security angers me; virus got in from Start Menu news blocks in Win10

VirtualLarry

No Lifer

crashtech

Lifer

Micrornd

Golden Member

mxnerd

Diamond Member

Releases · Open-Shell/Open-Shell-Menu

RLGL

Platinum Member

JackMDS

Elite Member

VirtualLarry

No Lifer

VirtualLarry

No Lifer

Commodus

Diamond Member

whm1974

Diamond Member

balloonshark

Diamond Member

JEDIYoda

Lifer

Micrornd

Golden Member

VirtualLarry

No Lifer

Red Squirrel

No Lifer

Shmee

Memory & Storage, Graphics Cards Mod Elite Member

TRENDING THREADS