10

Is it safer or more dangerous to run Windows Update when abroad and using a WPA2 connection to a random cafe's wi-fi?

Obviously good news: you get the latest security tweaks.

Possible bad news: just how likely is it that you've opened up path for malware to get into the heart of the machine?

Sherbourne
  • 101
  • 2

2 Answers2

12

In this document explaining Windows Update from 2008 (a bit outdated, but you get the idea), it is stated in the Security Protections section that:

  1. Windows Update uses the Secure Socket Layer (SSL) protocol to send and receive information. SSL is used to encrypt the information being transferred, prevents hackers from tampering with information being transferred, and verifies that the Windows Update agent is transferring data from an authorized Microsoft server.
  2. Each update is individually signed using the Secure Hashing Algorithm (SHA-1). This technology allows Windows Update to confirm that the update has been downloaded correctly and hasn’t been changed by anyone. The update signature is also compared to information in the update metadata that was previously downloaded.
  3. Windows Update also checks for the certificate associated with each update. This certificate provides a means for Windows Update to validate the source of each update. Currently Windows Update will only install updates that have certificates issued by Microsoft or other providers that are trusted by Microsoft.

Therefore, you should not be worried about downloading Windows Update on a public Wi-Fi unless the security provided by Windows itself is broken.

Simon
  • 3,202
  • 4
  • 27
  • 38
  • 1
    Although SHA-1 is being deprecated... – Deer Hunter Sep 18 '14 at 16:53
  • 7
    @DeerHunter Deprecated, but not broken. – Xander Sep 18 '14 at 16:56
  • 5
    @DeerHunter In this case the collision weakness of SHA-1 (which made it deprecated for certs) doesn't matter, as the updates only come from microsoft. – user10008 Sep 18 '14 at 17:07
  • 2
    It checks the SHA-1 hashs only against the metadata it received earlier over the same channel, so this step doesn't add much security anyway. However, the steps 1 and 3 are additional security layers which are independent from this, and either one alone would be enough to make the update secure, even when over a completely untrusted connection. – Philipp Sep 18 '14 at 17:45
  • A DNS based attack on a compromised access point might defeat #1, but #3 would still protect you. Unless they use some sort of certificate pinning, which on second thought is pretty likely. So a DNS attack would probably not affect #1 either. – ntoskrnl Sep 18 '14 at 19:32
  • Over a random wifi, #3 is your strongest point. Even if SSL fails, your computer knows not to run the update if its signature doesn't match. Any changes will break this signature, and any way of adding a new certificate to your system to circumvent this means the attackers have already gained access regardless if you're downloading an update or not. –  Sep 18 '14 at 22:45
  • @user10008 Cannot disagree with you more. Given the cost of collisions is approximately ~$1M. You are correct that the average adversary would not be able to pay that much money. But as PRISM demonstrated, state level adversaries are easily able to stump up the cash. Further more, if I had $1M lying about, I COULD infect every windows machine to mine Bitcoins for me using a Windows update, quickly recouping my outlay. TL:DR It costs $1M to crack SHA-1, which really isn't that much money. – Aron Sep 19 '14 at 03:24
  • @Aron. Yes collisions are easy nowadays, true, but unfortunately collisions don't work. What are collisions? Collisions are when you can chose A and B, so that you get hash(A)==hash(B). This is a problem when A semms like an innocent certificate, and B is a CA certificate. You get A signed as it is legit, and can use the sig to claim b is legit. But as the hashes are supplied by microsoft, you can chose only one of those two values, which means you need to find B for a fixed A so that hash(A)==hash(B). This is called second preimage attack. SHA-1 is still safe in this manner. – user10008 Sep 19 '14 at 14:08
  • @user10008 okay that would leave just device drivers and OEM as adversaries then... – Aron Sep 19 '14 at 14:14
  • It should be pointed out that some updates are no longer over HTTPS. In theory this adds an extra opportunity of exploiting the client software itself. – Michael Jun 23 '19 at 00:46
3

Unless the bad guys have the keys used to authenticate updates, you are OK. If the bad guys can break or cajole Microsoft, you are likely already compromised.

The situation gets weird when the bad guys are able to track Microsoft's critical patches, and reverse-engineer them.

There is one attack vector that may be used: blocking access to Windows Update servers while exploiting the remote vulnerability that the updates were supposed to patch.

After they install the rootkit on your machine, the patch may be allowed to proceed. This method relies on high numbers of compromised routers and rather sophisticated attackers who aren't content with password phishing.

To answer your question directly: being abroad does increase the risk, since you are by definition visiting many places where you haven't been before. Hotel chains are known to be compromised.

Deer Hunter
  • 5,347
  • 6
  • 35
  • 50