
Microsoft reports may aid hack attacks on businesses

Next time you get an error report from Microsoft on your office PC, you may want to think twice before sending the crash data.

A lot of valuable information about a network is transmitted unencrypted in an error report sent back to Microsoft, which leaves a company more vulnerable to an attack by hackers, according to Alexander Watson, the security research director at Websense.

"One thing we realized very quickly was how little people knew about what type of information is in these crash reports," he said. "That initial information is all unencrypted and in clear text, and that information tells a hell of a lot more about the computer than people realize."

The error report also sends data about devices plugged into the computer, including operating systems and applications.

"All those things are really valuable to attackers," Watson said. "From an attacker's perspective, when they know what's on your network, it's much easier to attack it. ... If someone was able to intercept that, they would have a complete road map to your business."

Watson, who wrote about the Windows exploit on his company's blog in December, said the high volume of error reports companies send makes this a real risk.

Microsoft's reporting system, Windows Error Reporting (also called Dr. Watson), is on 80 percent of all network-connected PCs, according to the company. Reports sent on Windows XP, Vista and Windows 7 are all unencrypted (Windows 8 PCs include encrypted error reports).

Microsoft's Windows 8 Privacy statement says the company does encrypt the messages sent on its latest operating system.

"Secure Socket Layer connections are regularly established to communicate details contained in Windows error reports," a company spokesperson said in a statement to CNBC. But Watson said that many organizations using older versions of Windows are still sending their reports in clear text.

The data in a crash report could enable a hacker to break in and linger undetected in a company's database, collecting confidential information about the business.

"People should be concerned, especially these multinational corporations where you have a wide geographic footprint," Watson said. "The real threat here would be a nation state-level group where they could say, 'I want access to these logs,' and they could have a tap somewhere collecting that information."

Story has been updated to include the company's comment.

By CNBC's Cadie Thompson. Follow her on Twitter @CadieThompson.
