Listening to Security Now brought this Windows flaw to my attention. There appears to be a heuristics flaw in the secure time seeding function in Windows. This flaw may reset the computers clock to hours, days, months or years. This has the the potential of a HUGE support headache never mind a potential security flaw.
To learn more about this you can listen to the pod cast here, or read the notes from the pod here. Also Ars Technica has a good article.
To avoid the issue it is recommended to disable the function by editing a registry key. Editing Window's registry keys should only be done if one understands the ramifications in doing so. Always perform back-ups.
Using regedit, edit as follows:
Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config
Set REG_DWORD UtilizeSslTimeData to 0 to disable. All my Windows 10 machines had it enabled.
Comments