An Interest In:
Web News this Week
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
- April 18, 2024
- April 17, 2024
- April 16, 2024
Some of Our Sources
- Web Designer Wall
- Six Revisions
- Abduzeedo
- You The Designer
- FanExtra - PSD
- CSS Globe
- Freelance Switch
- Codrops
- Android Headlines
- Daily Now
Help Webnuz
Referal links:
March 25, 2017 08:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/IV0vGgPler4/anti-virus-vendors-scramble-to-patch-hijacking-exploit-involving-microsoft-tool
Anti-Virus Vendors Scramble To Patch Hijacking Exploit Involving Microsoft Tool
"A zero-day attack called Double Agent can take over antivirus software on Windows machines," Network World reported Wednesday. wiredmikey writes:The attack involves the Microsoft Application Verifier, a runtime verification tool for unmanaged code that helps developers find subtle programming errors in their applications... [The exploit] allows a piece of malware executed by a privileged user to register a malicious DLL for a process associated with an antivirus or other endpoint security product, and hijack its agent. Patches were released by Malwarebytes, AVG, and Trend Micro, the security researchers told BleepingComputer earlier this week. Kaspersky Lab told ZDNet "that measures to detect and block the malicious scenario have now been added to all its products," while Norton downplayed the exploit, saying the attack "would require physical access to the machine and admin privileges to be successful," with their spokesperson "adding that it has deployed additional detection and blocking protections in the unlikely event users are targeted." BetaNews reports that the researchers "say that it is very easy for antivirus producers to implement a method of protection against this zero-day, but it is simply not being done. 'Microsoft has provided a new design concept for antivirus vendors called Protected Processes...specially designed for antivirus services...the protected process infrastructure only allows trusted, signed code to load and has built-in defense against code injection attacks.'"Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/IV0vGgPler4/anti-virus-vendors-scramble-to-patch-hijacking-exploit-involving-microsoft-tool
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot