Security Round Up: A Windows Data Wiping Bug and Recent Malware Attacks

As there always are, new security breaches and updates have been in recent news. While it would be nearly impossible to cover everything, we specifically pick those stories that we think affect the most individuals. As such, this post discusses an important Windows data wiping bug as well as the rise of malware attacks taking advantage of recent news and events.

Sharing information about current security threats is important because it helps inform others so they can protect themselves. Raising awareness is an effective way to reduce the exposure of security threats and attacks.

Security Round Up: A Windows Data Wiping Bug and Recent Malware Attacks

Below are specific details about the Windows data wiping bug and the increase in targeted malware attacks.

Windows data wiping bug

The Windows operating system comes with a system reset option that can be used for many reasons. The reset option is often useful when:

  • A device is infected with malware in such a way that trying to remove the malware proves more time consuming than simply resetting the device, reinstalling applications and files.
  • A user plans to replace a device and they want to repurpose the device for another user and/or sell it to someone else. NOTE: We caution against using only this feature to remove private data if you intend to sell the device. A better option is to replace the drive altogether.
  • The device was given to you and it has all kinds of software and applications you do not need. Starting with a clean install rather than trying to individually remove all the programs and adjusting the settings is often preferred in situations like these.

The Windows restore menu is under Settings, Update & Security.

The main benefit of the Windows reset feature is that it is supposed to remove all of user data from the local drive so that anyone who uses the device after you cannot access any of your data. This is a simpler process than removing and replacing the drive and then having to reinstall Windows from scratch.

Note: Using the Windows reset feature will never be as secure as removing the drive and having it professionally destroyed according to HIPAA, HITECH and NSA standards. When choosing which option is best for you, consider who is going to use the device after you.

Unfortunately, a recent bug was revealed in both the newest versions of Windows 10 and 11 that prevents the system restore from working properly. The bug affects locally stored OneDrive data and leaves data fully accessible even if disk encryption was used before resetting the device.

What to know: While the bug affects files stored in OneDrive, it does not affect those files that are stored only in OneDrive. Until the bug is fixed, Microsoft suggests signing out of all OneDrive accounts before resetting the device or deleting the Windows.old folder after the device has been reset. Once a more permanent fix has been released, this will not be necessary. However, logging out of applications is still a good idea before resetting any device.

Recent malware atttacks taking advantage of recent news

As with any big news events, hackers are taking advantage of Ukraine being in the news and a part of current events. Hackers target current events, using companies or countries in the news, because people are more likely to look for news about these events. This means more chances for hackers to trick users into clicking on malicious ads and links. An increase in both attacks and infections related to popular news stories is very common.

Recently, several different types of malware have been detected trying to disrupt organizations in Ukraine. While each type of malware operates differently, the purpose of these malware attacks are to render devices useless. Strategically targeting devices can impact critical systems used for communication, planning, detection, basic human services and more.

What to know: These particular attacks are targeting organizations specifically located in Ukraine. However, that does not mean additional malware and ransomware attacks related to these news events are not also occurring. Using Ukraine as the topic of interest helps ensure greater clicks and is why hackers will target this topic. It is always important to be careful what links you click, to use great caution clicking on links or opening attachments sent in emails, and to be cautious when clicking on ads.

There will always be new security threats introduced and they will often take advantage of current news and trending events. This is because in general, people are curious and want to be informed. Unfortunately, that curious nature can get you into trouble if you are not careful about what links you click on, as well as the emails and attachments you open. Remember, it is always safer to go directly to a news source for your information.

As always, it is better to be careful when it comes to clicking on links or opening attachments!