New code injection exposes all versions of Windows to cyberattack.

groze




Researchers have disclosed a fresh attack against Microsoft's Windows operating system which can be used to inject malicious code and compromise user PCs.


On October 27, cybersecurity company enSilo's research team disclosed a practice called "AtomBombing" that can be launched against every version of Windows to bypass current security solutions which protect such systems from malware infections.


The technique is dubbed AtomBombing as it relies on underlying Windows atom tables to exploit a system. Atom tables are used to store strings and identifiers by Windows which support other application functions.




What I don't understand is how it can bypass security software according to the zdnet article?
 

As far as I can tell this seems to be saying that:

  • The hacker injects malicious code into this table
  • The user asks a program to perform some action (which will access the corrupted code in the table)
  • The program asks Windows to execute the action
  • The user's AV program determines that Windows has requested this (malicious) action and therefore ignores it
 
