want to warn you, a heads up check this out!
Hi. Look what I found, this should be reported to someone so that it can be prevented or countered.
gpscript | LOLBAS
If you are afraid to click the link, I'll screenshot it.
If you bothered to read your posted article:
GPscript.exe – another LOLBin to the list – Oddvar Moe's Blog
Posted on 27 Apr 2018
# “Responsible disclosure” #
I tried to reach out to Mark R. on Twitter about this a while back and I also wrote him an email. I have not gotten any response. I therefore decided to post this, since the technique is already known and publicly available in Hexacorn's blog here:
Hexacorn | Blog Beyond good ol’ Run key, Part 52
It was not until after the initial discovery of the persistence technique that I figured out that it was already discovered by Adam – @hexacorn. He has written an excellent blogpost about this here.
# Update #
Darren Mar-Elia has reached out and got in contact with Mark Russinovich and this issue will be fixed. An update for Autoruns will likely be available within the next few days.
Whenever you find these reports, check their dates. Many of them are fixed by now. Obviously users should install the latest Windows updates to give them the best chance to stay protected.
It is incredible the number of people who STILL block updates via various means saying they like to control updates blah blah blah.
It was this stupid attitude that led to countless PCs getting infected with viruses. No wonder MS had to take action - they were getting criticised that Windows was insecure, even when it was really the stupid idiots who blocked updates.
I was forever sorting issues on family PCs before Windows 10 came out - I rarely have to do anything these days.
I agree with you about checking the date of these reports - we have had a couple recently.
Normally I'd agree, except I don't like Windows update installing an older hardware or video driver and erasing the latest one I installed directly from the manufacturer. That's not being helpful and shows that they don't know what they're doing.
Windows update needs to get out of the driver business and stick to OS updates.
wushowhide doesn't always work out, as I recently found out over in the Windows 11 forum.