Microsoft surface safety issues

The absence of authentication, however, means that PBC does not protect against active attack. Also, an active attacker who merely has physical proximity can repeatedly tear down any Wi-Fi Direct group and attempt the attack until it succeeds.

The design of split PIN verification led to multiple implementation vulnerabilities over the past several years across a range of Wi-Fi hardware manufacturers. To crack the PIN, an attacker must complete the entire exploit in less than 30 seconds.

Given the current state of tools and research in this area, a brute-force PIN-cracking attack through WPS is unlikely to succeed. In , Dominique Bongard described a "Pixie Dust" attack where poor initial randomness for the pseudo random number generator PRNG in the wireless device allowed an offline brute-force attack. Misconfiguration binds a vulnerable or unauthenticated network service to "all" interfaces, which includes the Wi-Fi Direct interface. This can expose services that shouldn't be accessible to Wi-Fi Direct clients, which may be weakly or automatically authenticated.

Wi-Fi Direct devices could allow unauthenticated or poorly authenticated access to bridged network connections. Surface Hub can't be configured to bridge wireless interfaces or allow routing between disparate networks. The default firewall rules add defense in depth to any such routing or bridge connections.

By supporting both Wi-Fi Direct and This may expose the connection-setup phase indefinitely, allowing groups to be joined or devices invited to connect well after their intended setup phase terminates. Surface Hub doesn't support Wi-Fi Direct legacy clients.

If groups are dynamically established or the Wi-Fi Direct device can be made to join new groups, the group owner negotiation can be won by a malicious device that always specifies the maximum group owner "intent" value of But the connection fails if the device is configured to always be a group owner.

And Surface Hub is always the group owner. Deauthentication packets can be sent by an unauthenticated attacker to cause the station to re-authenticate then to sniff the resulting handshake.

Cryptographic or brute-force attacks can be attempted on the resulting handshake. Mitigation for these attack includes enforcing length and complexity policies for pre-shared keys, configuring the access point if applicable to detect malicious levels of deauthentication packets, and using WPS to automatically generate strong keys.

In PBC mode, the user interacts with a physical or virtual button to allow arbitrary device association. This process should happen only at setup, within a short window.

After the button is automatically "pushed," the device will accept any station that associates via a canonical PIN value all zeros. Deauthentication can force a repeated setup process. No PSK configuration is permitted. This method helps enforce generation of strong keys.

In addition to denial-of-service attacks, deauthentication packets can be used to trigger a reconnect that re-opens the window of opportunity for active attacks against WPS-PBC. During broadcast, connection setup, or even normal operation of already-encrypted connections, basic information about devices and packet sizes is wirelessly transmitted.

Dropping your device or its battery, especially on a hard surface, can damage the device and its battery. We recommend that you seek professional assistance to inspect your device if you believe damage has occurred. Never use a damaged battery. If your battery appears scratched, or nicked, immediately place it aside and dispose of it properly. Use of a damaged battery can cause electrical shorts, overheating, and other component failures.

Do not heat, open, puncture, mutilate, or dispose of your device or its battery in fire. Do not leave or charge your device in direct sunlight for an extended period of time. Doing so may cause damage or melt the battery. Microsoft recommends that you seek professional assistance for all other device repairs, and that you use caution if undertaking do-it-yourself repairs. Assistance and information from Microsoft for device repair and other services is available at www.

Batteries in devices with user-replaceable batteries can be changed by opening the battery receptacle and following the battery replacement instructions in the Quick Start Guide. Always keep new and used batteries away from infants and children.

If the battery compartment on your device does not close securely, stop using it and keep it away from infants and children. Always select and use an appropriate AC power supply for your device. Failure to take the following precautions can result in serious personal injury or death from electric shock or fire or in damage to your device.

A genuine Microsoft PSU was provided with your device. Use only AC power provided by a standard mains wall outlet. Do not use non-standard power sources, such as generators or inverters, even if the voltage and frequency appear acceptable. Confirm that your electrical outlet provides the type of power indicated on the PSU in terms of voltage [V] and frequency [Hz]. If you are unsure of the type of power supplied to your home, consult a qualified electrician.

Do not overload your wall outlet, extension cord, power strip, or other electrical receptacle. Confirm that they are rated to handle the total current in amps [A] drawn by your device as indicated on the PSU and any other devices using the same circuit. For devices where the AC prongs may be folded for storage, make sure its prongs are fully extended before plugging the AC power supply for your device into the power mains outlet.

For devices equipped with power cords with removable prongs and a universal power supply, make sure the prong assembly is properly configured for the power outlet and fully seated into the power supply before plugging the AC power supply into a power mains outlet. To ensure that your exposure to RF energy generated by the Wi-Fi and Bluetooth radios does not exceed the exposure limits set forth by these guidelines, orient devices with display screens such that the display side is not directly in contact with your body i.

Microsoft recommends that you seek professional assistance for device repairs, and that you use caution if undertaking do-it-yourself repairs. Do not place your device or other objects on or near the airbags in vehicles equipped with airbags.

Objects placed on or near an airbag may cause serious personal injury or death if the airbag deploys. The risk of fire, shock or damage to your Microsoft device during cleaning can be reduced by taking the following precautions:.

Gently clean the exterior surface of the fan, vent or other opening to remove any dust buildup. Do not attempt to clean connectors through immersion in liquids.

Only gently wipe and dry with a clean cloth. To reduce the risk of fire, shock or damage to your device, do not expose your device to rain, snow or other types of moisture. Do not use your device near water or in a damp or excessively humid location e. To keep your device in prime operating condition:. Do not use your device near heat sources, food, excessive dirt, dust, oil, chemicals, or in strong direct sunlight. Do not insert objects into the fan, vents, ports, kickstand slots and hinges, spaces around keys, or other openings.

Do not dry your device with a hair dryer, clothes dryer, conventional, toaster, or microwave oven. If your device becomes wet, gently wipe the exterior with a clean, dry cloth. Do not insert objects into the fan, vents, ports, kickstand slots and hinges, spaces around keys or other opening. Do not attempt to clean ports, kickstand slots and hinges, spaces around keys, or other opening with sharp objects i.

Microsoft recommends that you seek professional assistance to repair or replace detached or missing keys on your device. Use caution if undertaking do-it-yourself repairs. Do not force detached key caps back onto the keyboard or insert objects into the keyboard between the keys and the board cover. To reduce the potential risk of injury or death due to distractions, do not use your device while driving, operating machinery, cycling, walking, or engaging in other activities that require your undivided attention.

Using your device alone or with headphones or a headset even if used only in one ear while driving a vehicle or cycling is not recommended and may be prohibited in your community. Always keep the volume on your headphones or headset low enough to hear people talking, sounds that might alert you to hazardous conditions, and better protect your hearing.

Review and obey the laws and regulations in your community on the use of mobile devices when you drive or cycle. Other common-sense recommendations to reduce the risks associated with distractions include:. Avoid prolonged skin contact with the DC connector when your power supply unit PSU is plugged into a power source because it may cause discomfort or injury.

Sleeping or sitting on the DC connector should be avoided. Do not expose the connector to liquids, sweat, dirt or other contaminants. Using a contaminated connector can lead to heating and cause discomfort or injury. Stop using the connector immediately. Unplug the DC connector from the device.

Dry and wipe it with a clean cloth. If you find any damage on any part of your charger or cord, stop using them and contact us for support options. Using your device can distract you and keep you from seeing your surroundings.

Windows Mixed Reality immersive headsets may fully obstruct your view, and content may appear to be at a distance but still block your view of nearby physical objects. Use only in a safe place that is appropriate for your activities. Avoid trip hazards, stairs, low ceilings, fragile or valuable items that could be damaged, etc. Do not use your device when a view of your surroundings and attention are needed for safety.

You should follow all setup recommendations for Windows Mixed Reality, including using your headset to create a boundary. Your PC setup and some applications or experiences may result in delays or errors in the boundary display.

Always use caution and be aware of your surroundings, even if you have created a boundary. Your device is very heavy. To reduce the risk of lifting related injuries, death, or damage to your device, we recommend that a minimum of two people lift the device.

If you let anyone else use your device, make sure that they understand the health and safety information in this guide, as well as any additional safety or usage instructions provided by the device and content providers.

The warnings in this guide relate to the hardware and its software in a stand-alone environment. One or more of the warnings in this guide may not apply or may be inadequate or incomplete for the hazards or other risks associated with your application.

You are solely responsible for determining the warnings that are required by your application, the content of those warnings, and how those warnings are delivered to users. To reduce the risk of lifting related injuries, death, or damage to your device, use good ergonomic lifting practices, including but not limited to:. Set the device onto the stand or wall mount slowly and smoothly with a straight back; do not let go until the device is set in place.

Your device heavy and mounts to a stand using all four mounting brackets. To reduce the risk of injury, death, or damage to your device:. Do not release your device until you are certain the top and bottom hooks of both mounting brackets are securely seated on the upper and lower mounting rails of the stand. Walls and other mounting surfaces may contain electrical wires, gas lines, and other unseen hazards or obstacles.

Cutting or drilling into an unseen hazard may cause serious personal injury or death. Follow all setup and use guidelines and instructions provided for your device, its accessories, and the publisher of any software application or 2D or 3D content or experience "content". Failure to properly set up, use, and care for your device can increase the risk of serious injury, death, property damage, or damage to your device and its accessories.

Follow all instructions provided by the stand manufacturer for moving or relocating a stand-mounted device. Use caution and move slowly when moving your stand-mounted device.

Use caution when transporting a stand-mounted device up or down ramps. Never leave a stand-mounted device unattended on or near a ramp. Confirm that your electrical outlet provides the type of power indicated for your device in terms of voltage [V] and frequency [Hz]. Confirm that they are rated to handle the total current in amps [A] drawn by your device and any other devices using the same circuit.

To reduce the risk of injury due to the size and weight of the device, and the importance of keeping the device upright:.

Before moving your device to the place it will be installed, survey the site to determine how to safely move it to the location where it will be unpacked and mounted. Once your device is unpacked, it should be mounted immediately, so the mounting system should be in place before unpacking. An interpupillary distance an eye measurement of the distance between your two pupils between 51 and 74 is needed to correctly and comfortably view Holograms with HoloLens.

This range accommodates most adults and children age 13 and older. HoloLens is not intended for use by children under age Your device was designed to be installed on a concrete wall or pillar. Surface Pro 8 highlights the best of Windows 11, so you can work, play, and create in ways most natural to you. Surface Pro 8 features. Surface Pro X features. Windows stops responding on Surface. What to do if Surface is running slower. What to try if your Surface touchscreen doesn't work.

Get service for your out of warranty or damaged Surface. Activate Office. Troubleshoot blue screen errors. Restore or reset Surface. Download drivers and firmware for Surface. How to get service for Surface. Surface warranty information.