Technobezz

Microsoft Does Not Plan To Fix a Decade-Old Bug

Windows kernel has an old bug that can allow malicious actions on your computer and the Microsoft refuses to consider it a threat despite the warnings of various researchers.

How does this bug work?

Back with Windows 2000 a low-level interface known as PsSetLoadImageNotifyRoutine was introduced. It was supposed to inform drives when a module is loaded into a process. This allowed drivers that were powering security products to track modules.

However, it was discovered that it does not always provide correct results, allowing hackers to use the name of a loaded module. This way, security products wouldn’t scan the file and malicious actions could affect your computer.

This bug appears to be a programming error and it should be quickly fixed since it can be used to easily trick third-party security products such as antimalware.

Security researchers discovered this bug

Many researchers noticed this problem, especially because it affects all versions of Windows. According to Omei Misgav, a security researcher at enSilo, “Any security vendor that relies on the information supplied by this notification routine may be fooled into looking at the wrong module at load time ” He also added that any attacker is able to reproduce this bug easily. Once these operations are performed the notification routine will receive an incorrect path,” he said.

Omei Misgav wrote a blog post about this bug where he also added that enSilk did not test a specific security product.

Microsoft does not consider it a threat

A Microsoft spokesperson declared that “Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update.” It can be hard to understand why a tech giant like Microsoft would allow a 17 years old bug that could harm the users’ safety. “

More on this topic

Leave a Reply

Google pixel 4 camera
Google Pixel 4 and 4XL Screen Protector Leaks Hint at Gesture Recognition Feature
GTA Diamond Program
Rockstar Games Reveals the Rewards of GTA Online’s Diamond Program
GTA Spiderman
Spider-Man comes to GTA San Andreas
GTA-6
GTA 6 Might Have Resemblance of a Cutting-Edge MOD
Android Apple Gaming How To Internet iPhone Personal Computers Review Site review The Top Best
How to fix Google Pixel 3 overheating issues
How to fix Google Pixel 3 overheating issues

Many users are facing overheating problem while using their phones. This...

How to fix OnePlus 7 Wi-Fi issues

OnePlus 7 is a great phone, and even though it comes...

Best iOS Reading Apps
Top Best iOS Reading Apps

Reading has always been something so many people enjoy. However,  the...