New
#1
Switch to DHCP - a security problem in Win10 updates
In couple of last Win10 automatic upgrades I observed the following update behaviour - if the configured IP address of the Ipv4 protocol on a network card is unable to reach Internet, the update switches the settings to DHCP mode in order to correct this. This IMO is security risk in a lot of situations and should not be done. Example: I have a PC with two network cards, one card sits in my office LAN subnet and is also used to access the internet. The second card sits in a neigbooring office different LAN (different subnet) and is used to access their network drives. No Internet access is allowed on it - the other router blocks the particular IP address. In order to avoid errors in case routing would accidentally decide to use this other subnet, I have the metric of the network card interface set to 999. All works well. Now there comes Win10 Update that detects that the other card cannot access the Internet and changes the "explicit IP" setting to DHCP mode. Internet is now accessible through it and I have no control which router manages the request - mine, or theirs? Moreover - because the other office uses different provider, there may arise a conflict when sending mails - mails routed through the other subnet will be blocked as they come from provider not known to my SMTP server operator.
Last edited by Roman Krejci; 19 Sep 2017 at 09:21.