Just four days ago, WindowsBlogItalia leaked screenshots of Microsoft’s alleged Windows 10 Cloud edition, ultimately showing that the OS would only run apps from the Windows Store.
Now, it appears that a Twitter user who goes by the name of Longhorn has managed to bypass Microsoft’s Win32 app block on Windows Cloud.
Judging by the first screenshot uploaded on Twitter, the user managed to run apps from outside the Windows Store, in this case, Google Chrome, and the Desktop App Converter.
A second screenshot shows that Windows SmartScreen gave the user subsequent warnings after he managed to run the apps.
Longhorn managed to bypass those warnings as well, which might hint to the Windows PowerShell somehow being involved in the process.
The method for bypassing said block is yet to be revealed, however, it will be interesting to see how Microsoft handles this news moving forward.
The self-proclaimed security researcher is writing on his new blog that rumors of Win32´s death would be exaggerated and that Windows itself relied on it.
“At the end, Windows Cloud is nothing more or less than a Professional variant with UMCI enforced,” he explains further. UMCI stands for user mode code integrity, which is one of the two code integrity policies used in Windows 10 and Windows Server 2016.
It allows only authorized apps to be run and blocks all other apps from execution.
Twitter user Longhorn also recorded the following short demo, for which he disabled UMCI.
Windows 10 Cloud might be released alongside the Creators Update in April and it has been branded as a lightweight, low-cost operating system perfectly aligned to take on Google’s Chrome OS.
Microsoft had to deal with a similar hack back in January 2013, when a user managed to jailbreak Windows RT and executed unsigned ARM desktop applications. A Microsoft spokesperson applauded the user and determined the jailbreak posed no security threat.