Security Alert: Windows Out-of-Box-Experience (OOBE) Flaw

August 25, 2025
Posted by: Chernor Jalloh
Categories:

A newly discovered flaw in Windows Out-of-Box-Experience (OOBE) allows attackers to gain full administrative command prompt access during system setup, even when Microsoft’s standard protections are enabled.

RISKS: Backdoor account creation, system changes, persistent access.

MITIGATION:

Do not leave devices unattended during setup.
In Intune: Hide reset button on corporate Windows devices to prevent abuse.

Full advisory available on our website. Stay secure, stay informed.

National Cybersecurity Coordination Centre Launches Sierra Leone’s National CSIRT and Digital Forensics Lab Freetown, Sierra Leone

14/01/2025

Cybersecurity Awareness Training for Government Ministries: Enhancing Digital Security

10/01/2025

Cyber Awareness School Debate: Uniting 16 Schools for Cybersecurity Education

10/01/2025

Cyber Hour Radio Program

27/07/2024

Workshop on the Budapest Convention

08/06/2024

Global Conference on Cyber Capacity Building

08/06/2024

how can we help you?

NC3 is dedicated to safeguarding your digital world. Our team of experts is here to provide comprehensive cyber security solutions tailored to your needs. Whether you’re a small business, a large corporation, or an individual seeking to enhance your online security.

Security Alert – HOOK Android Trojan Targeting Banking & Crypto Apps

26/08/2025