Advertisment

Microsoft Does Not Plan To Fix a Decade-Old Bug


Microsoft Does Not Plan To Fix a Decade-Old Bug

Windows kernel has an old bug that can allow malicious actions on your computer and the Microsoft refuses to consider it a threat despite the warnings of various researchers.

How does this bug work?

Back with Windows 2000 a low-level interface known as PsSetLoadImageNotifyRoutine was introduced. It was supposed to inform drives when a module is loaded into a process. This allowed drivers that were powering security products to track modules.

However, it was discovered that it does not always provide correct results, allowing hackers to use the name of a loaded module. This way, security products wouldn’t scan the file and malicious actions could affect your computer.

This bug appears to be a programming error and it should be quickly fixed since it can be used to easily trick third-party security products such as antimalware.

Security researchers discovered this bug

Many researchers noticed this problem, especially because it affects all versions of Windows. According to Omei Misgav, a security researcher at enSilo, “Any security vendor that relies on the information supplied by this notification routine may be fooled into looking at the wrong module at load time ” He also added that any attacker is able to reproduce this bug easily. Once these operations are performed the notification routine will receive an incorrect path,” he said.

Omei Misgav wrote a blog post about this bug where he also added that enSilk did not test a specific security product.

Microsoft does not consider it a threat

A Microsoft spokesperson declared that “Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update.” It can be hard to understand why a tech giant like Microsoft would allow a 17 years old bug that could harm the users’ safety. “

Advertisment

Advertisment

Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting products and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Advertisment