Windows 10: Decade-old Windows kernel bug lets hackers bypass security protections

Page 1 of 2 12 LastLast

  1. Posts : 27,216
    64-bit Windows 10 Pro build 17604
       08 Sep 2017 #1

    Decade-old Windows kernel bug lets hackers bypass security protections


    Researchers say that a bug in the Windows kernel could allow hackers to perform malicious actions by tricking security products blindly relying on a Windows API.

    The bug affects a low-level interface, known as PsSetLoadImageNotifyRoutine, that notifies when a module has been loaded into the Windows kernel. The bug can allow an attacker to forge the name of a loaded module, a method that can mislead third-party security products, and allow malicious actions without any warning.

    Omri Misgav, a security researcher at enSilo, who also wrote a blog post on the bug, said that the bug appears to be a "programming error" in the kernel.
    All versions of Windows are affected.

    PsSetLoadImageNotifyRoutine was originally introduced in Windows 2000 to inform drivers, such as those powering security products, when a module is loaded into a process and the module's address in memory, allowing security products to track modules...


    Read more: Decade-old Windows kernel bug lets hackers bypass security protections | ZDNet
      My ComputersSystem Spec


  2. Posts : 1,646
    W7 Ultimate SP1 (64 bit), LM 18.3 MATE (64 bit), W10 Home (64 bit)
       08 Sep 2017 #2

    Can ordinary users use this bug to take control of their own machines?
      My ComputerSystem Spec


  3. Posts : 18,891
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       08 Sep 2017 #3

    lehnerus2000 said: View Post
    Can ordinary users use this bug to take control of their own machines?
      My ComputersSystem Spec


  4. Posts : 2,313
    Windows 10 Home x64 (Laptop), Windows 10 Pro x64 (Desktop)
       09 Sep 2017 #4

    Well done for telling the world about this 'bug' so all hackers can now start using it!
      My ComputersSystem Spec

  5.    09 Sep 2017 #5

    Steve C said: View Post
    Well done for telling the world about this 'bug' so all hackers can now start using it!
    All "hackers" already know about this bug, it's for us normal users that it's useful to know
    so we can at least be aware of the risk.
      My ComputerSystem Spec


  6. Posts : 1,646
    W7 Ultimate SP1 (64 bit), LM 18.3 MATE (64 bit), W10 Home (64 bit)
       10 Sep 2017 #6

    Cliff S said: View Post
    I always enjoyed Statler and Waldorf in "The Muppet Show".
      My ComputerSystem Spec


  7. Posts : 320
    Windows 10 Pro x64
       10 Sep 2017 #7

    When reached, a Microsoft spokesperson said: "Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update."
    Nice. Leave it open as a security hole and let everyone know.
    Last edited by ArazelEternal; 10 Sep 2017 at 12:22.
      My ComputersSystem Spec

  8.    10 Sep 2017 #8

    ArazelEternal said: View Post
    "When reached, a Microsoft spokesperson said: "Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update."

    Nice. Leave it open as a security hole and let everyone know.
    Hacking as a service
      My ComputerSystem Spec

  9.    11 Sep 2017 #9

    ArazelEternal said: View Post
    Nice. Leave it open as a security hole and let everyone know.
    Do you honestly believe that it was just uncovered by a website like ZDNet for the first time?
      My ComputerSystem Spec


  10. Posts : 320
    Windows 10 Pro x64
       12 Sep 2017 #10

    Arelem said: View Post
    Do you honestly believe that it was just uncovered by a website like ZDNet for the first time?
    No, but either way this just confirms that M$ isnt going to do anything to take care of it. They said it themselves.
      My ComputersSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Intel chip vulnerability lets hackers easily hijack fleets of PCs | ZDNet
Hi all, I bought a new computer a month ago, and am having BSOD each day. It's a Kernel Security Check Failure, and when i look in the event watcher, i can see a kernel-power critical error. 57819 Thanks for your help !
Hi, I got an error today when booting up my computer. Restarting and logging in allowed me to get in and log in, however it took abnormally long and there was a blank screen on my computer for roughly 30sec-1min (normally takes about 3...
Hello, Since I changed to my new hard-drive I have had random issues with BSOD's trying to get into Windows. The BSOD I get is: Kernel Security Check Failure Usually, I just need to restart the computer, but now I can't get in at all. I...
windows 10 was running fine for a day or two, but now it crashes within 5 mins of startup like 5-6 times in a row, then seems to work fine after that. Here are the mini dump files
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 14:06.
Find Us