Technobezz

Microsoft Does Not Plan To Fix a Decade-Old Bug

Windows kernel has an old bug that can allow malicious actions on your computer and the Microsoft refuses to consider it a threat despite the warnings of various researchers.

How does this bug work?

Back with Windows 2000 a low-level interface known as PsSetLoadImageNotifyRoutine was introduced. It was supposed to inform drives when a module is loaded into a process. This allowed drivers that were powering security products to track modules.

However, it was discovered that it does not always provide correct results, allowing hackers to use the name of a loaded module. This way, security products wouldn’t scan the file and malicious actions could affect your computer.

This bug appears to be a programming error and it should be quickly fixed since it can be used to easily trick third-party security products such as antimalware.

Security researchers discovered this bug

Many researchers noticed this problem, especially because it affects all versions of Windows. According to Omei Misgav, a security researcher at enSilo, “Any security vendor that relies on the information supplied by this notification routine may be fooled into looking at the wrong module at load time ” He also added that any attacker is able to reproduce this bug easily. Once these operations are performed the notification routine will receive an incorrect path,” he said.

Omei Misgav wrote a blog post about this bug where he also added that enSilk did not test a specific security product.

Microsoft does not consider it a threat

A Microsoft spokesperson declared that “Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update.” It can be hard to understand why a tech giant like Microsoft would allow a 17 years old bug that could harm the users’ safety. “

More on this topic

Leave a Reply

Nokia 8.1
HMD Global is gearing up with Nokia 8.1; Details surface on Geekbench
Spider-Man PS4
Everything we know about Spider-Man PS4 – Rumors, Release Date, Updates, News and More
CD Projekt's Cyberpunk 2077 Mike Pondsmith
CD Projekt’s Cyberpunk 2077 Release Date, Features, Rumors and News
samsung Galaxy s10 Design
Samsung Galaxy S10 Specs, Features, Release Date, Price, Rumors and News
Android Apple Gaming How To Internet iPhone Personal Computers Review Site review The Top Best
Spider-Man PS4
Everything we know about Spider-Man PS4 – Rumors, Release Date, Updates, News and More

It seems that the wait is finally over for the lovers...

CD Projekt's Cyberpunk 2077 Mike Pondsmith
CD Projekt’s Cyberpunk 2077 Release Date, Features, Rumors and News

At the closure of the E3 press conference, the subtle hint...

Total War The Three Kingdoms Rumors
Total War: The Three Kingdoms – Release Date, Rumors, News, Updates and More

The anticipation of playing the historical games of Total War series...