In the wild! Windows 10 Upgrade pop-up makes Win 7 Kiosk vulnerable to tampering

At the airport this evening, I could not help but notice the big pop-up on this Kiosk. In Microsoft’s relentless last-minute effort to push Windows 10 upgrades onto the existing Windows 7 user base, they have made this poor little airport kiosk vulnerable to tampering. As you can see from the photo, the upgrade window usurps the Kiosk software. Another unintended effect was that the Start menu was exposed. It appears this machine had no GPO to wrench down what was visible; they were relying solely on the Kiosk software to hide the Windows 7 OS beneath it.

[Photo: the Windows 10 upgrade window displayed over the Kiosk software]

Microsoft seems to have two brains when it comes to Security. They have many respectable Information Security Teams throughout their org, they team with other organizations to bring down massive botnets and tackle cyber crime on a global scale, and they have a major Security footprint in their Azure Cloud. They are Security bad-asses. And then there is the Windows Team . . . which is run by the marketing team?

Could an admin have stopped this pop-up with GPO? I would guess not, but maybe. But what I do know for sure is that GPO would have prevented full rights to the OS behind the Kiosk software. This software was most likely running with full local admin rights. So, although I like to pick on Microsoft, this one is on the IT Security folks.
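A read-only audit of the points raised above, added here as an example and not taken from the kiosk in the photo or from any vendor tooling. It assumes it is run as the kiosk's logon account on an English-language Windows 7 install (local group named `Administrators`); the shell-restriction baseline is a constructed sample, while `DisableGwx` and `DisableOSUpgrade` are the policy values Microsoft documented for suppressing the Windows 10 upgrade offer.

```powershell
# Added example: read-only kiosk audit. Changes nothing on the machine.
function Test-RegistryPolicy {
    param([string]$Path, [string]$Name, [int]$Expected = 1)
    # A missing key or value means the policy is not configured.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    $actual = if ($item) { $item.$Name } else { $null }
    New-Object PSObject -Property @{
        Policy = "$Path\$Name"
        Actual = $actual
        Pass   = ($actual -eq $Expected)
    }
}

# First two entries: machine policy that blocks the upgrade offer and its pop-up.
# Remaining entries: per-user shell restrictions (constructed baseline, adjust as needed).
$explorer = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$checks = @(
    @('HKLM:\SOFTWARE\Policies\Microsoft\Windows\Gwx', 'DisableGwx'),
    @('HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate', 'DisableOSUpgrade'),
    @($explorer, 'NoRun'),
    @($explorer, 'NoControlPanel'),
    @($explorer, 'NoWinKeys'),
    @('HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System', 'DisableTaskMgr')
)
$results = foreach ($c in $checks) { Test-RegistryPolicy -Path $c[0] -Name $c[1] }

# Least privilege: the kiosk account should not be a local administrator.
# This lists direct members only; membership through a nested domain group is not resolved.
$group  = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
$admins = @($group.psbase.Invoke('Members')) | ForEach-Object {
    $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
}
$isAdmin = $admins -contains $env:USERNAME

$results | Format-Table Policy, Actual, Pass -AutoSize
"Account '$env:USERNAME' is a direct member of local Administrators: $isAdmin"
```

Any row with `Pass` set to `False`, or a `True` on the last line, marks a place where the kiosk depends on the kiosk application alone to keep users away from the OS.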

 

 

 

 
