New
#1
Can ordinary users use this bug to take control of their own machines?
Researchers say that a bug in the Windows kernel could allow hackers to perform malicious actions by tricking security products blindly relying on a Windows API.
The bug affects a low-level interface, known as PsSetLoadImageNotifyRoutine, that notifies when a module has been loaded into the Windows kernel. The bug can allow an attacker to forge the name of a loaded module, a method that can mislead third-party security products, and allow malicious actions without any warning.
Omri Misgav, a security researcher at enSilo, who also wrote a blog post on the bug, said that the bug appears to be a "programming error" in the kernel.
All versions of Windows are affected.
PsSetLoadImageNotifyRoutine was originally introduced in Windows 2000 to inform drivers, such as those powering security products, when a module is loaded into a process and the module's address in memory, allowing security products to track modules...
Read more: Decade-old Windows kernel bug lets hackers bypass security protections | ZDNet
Well done for telling the world about this 'bug' so all hackers can now start using it!
Nice. Leave it open as a security hole and let everyone know.When reached, a Microsoft spokesperson said: "Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update."
Last edited by ArazelEternal; 10 Sep 2017 at 12:22.