https://www.computerworld.com/article/3005184/encryption/bitlocker-encryption-can-be-defeated-with-trivial-windows-authentication-bypass.html
Wow. Just came across this by chance. I can't believe I missed that one back in 2015. The article describes, that due to bad design, windows (all versions) allowed attackers at the logon screen to break in without knowing the password of your domain user account.

I consider myself very well-informed when it comes to computer security and I did not know this. How did Microsoft manage that this did not start a giant outcry, back then? Must be, because the security advisory simply does not even rate this "critical"!
0

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month