Decade-old Windows kernel bug lets hackers bypass security protections

Page 1 of 2 12 LastLast
    Decade-old Windows kernel bug lets hackers bypass security protections

    Decade-old Windows kernel bug lets hackers bypass security protections


    Posted: 08 Sep 2017
    Researchers say that a bug in the Windows kernel could allow hackers to perform malicious actions by tricking security products blindly relying on a Windows API.

    The bug affects a low-level interface, known as PsSetLoadImageNotifyRoutine, that notifies when a module has been loaded into the Windows kernel. The bug can allow an attacker to forge the name of a loaded module, a method that can mislead third-party security products, and allow malicious actions without any warning.

    Omri Misgav, a security researcher at enSilo, who also wrote a blog post on the bug, said that the bug appears to be a "programming error" in the kernel.
    All versions of Windows are affected.

    PsSetLoadImageNotifyRoutine was originally introduced in Windows 2000 to inform drivers, such as those powering security products, when a module is loaded into a process and the module's address in memory, allowing security products to track modules...


    Read more: Decade-old Windows kernel bug lets hackers bypass security protections | ZDNet
    Brink's Avatar Posted By: Brink
    08 Sep 2017

  1. lehnerus2000's Avatar
    Posts : 1,809
    W7 Ultimate SP1 (64 bit), LM 19.2 MATE (64 bit), W10 Home 1703 (64 bit), W10 Pro 1703 (64 bit) VM
       #1

    Can ordinary users use this bug to take control of their own machines?
      My Computer

  2. Cliff S's Avatar
    Posts : 25,539
    Win10 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #2

    lehnerus2000 said:
    Can ordinary users use this bug to take control of their own machines?
      My Computers

  3. Steve C's Avatar
    Posts : 6,278
    Windows 10 Pro 64 bit
       #3

    Well done for telling the world about this 'bug' so all hackers can now start using it!
      My Computers


  4. Posts : 668
    Win 10 pro
       #4

    Steve C said:
    Well done for telling the world about this 'bug' so all hackers can now start using it!
    All "hackers" already know about this bug, it's for us normal users that it's useful to know
    so we can at least be aware of the risk.
      My Computer

  5. lehnerus2000's Avatar
    Posts : 1,809
    W7 Ultimate SP1 (64 bit), LM 19.2 MATE (64 bit), W10 Home 1703 (64 bit), W10 Pro 1703 (64 bit) VM
       #5

    Cliff S said:
    I always enjoyed Statler and Waldorf in "The Muppet Show".
      My Computer

  6. ArazelEternal's Avatar
    Posts : 344
    Windows 10 Pro x64
       #6

    When reached, a Microsoft spokesperson said: "Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update."
    Nice. Leave it open as a security hole and let everyone know.
    Last edited by ArazelEternal; 10 Sep 2017 at 12:22.
      My Computers

  7. Josey Wales's Avatar
    Posts : 24,693
    Win 10 Pro 19043.906
       #7

    ArazelEternal said:
    "When reached, a Microsoft spokesperson said: "Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update."

    Nice. Leave it open as a security hole and let everyone know.
    Hacking as a service
      My Computer

  8. Arelem's Avatar
    Posts : 1,099
    Windows 10 Pro
       #8

    ArazelEternal said:
    Nice. Leave it open as a security hole and let everyone know.
    Do you honestly believe that it was just uncovered by a website like ZDNet for the first time?
      My Computer

  9. ArazelEternal's Avatar
    Posts : 344
    Windows 10 Pro x64
       #9

    Arelem said:
    Do you honestly believe that it was just uncovered by a website like ZDNet for the first time?
    No, but either way this just confirms that M$ isnt going to do anything to take care of it. They said it themselves.
      My Computers


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 14:19.
Find Us




Windows 10 Forums