Subscribe
Friday, 22 November 2024
31 C
Singapore
type here...
Advertise
In brief Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking
Business
1 min.Read

In brief: Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking

In a new report from a PwC UK security researcher Wietze Beukema, it shows that almost 300 Windows 10 executables are vulnerable to DLL hijacking. A simple VBScript may be enough to allow users to gain administrative access and bypass UAC entirely on Windows 10. “It turns out nearly 300 executables in your System32 folder are vulnerable […]
Nurin Sofia
By Nurin Sofia
  • In a new report from a PwC UK security researcher Wietze Beukema, it shows that almost 300 10 executables are vulnerable to DLL hijacking.
  • A simple VBScript may be enough to allow users to gain administrative access and bypass UAC entirely on Windows 10.
  • “It turns out nearly 300 executables in your System32 folder are vulnerable to relative path DLL Hijacking. Did you know that with a simple VBScript some of these EXEs can be used to elevate such executions, bypassing UAC entirely?” noted Beukema.
  • The vulnerability referred to here is relative path DLL hijacking, which is when an attacker can cause a legitimate Windows executable to load an arbitrary DLL of the attacker’s choice, most likely with malicious intent.
  • DLL hijacking attacks can prove useful to a skilled attacker as they grant capabilities such as arbitrary code execution, privilege escalation, and persistence on the target system.
  • The various techniques of DLL hijacking covered by the Beukema’s blog post include DLL replacement, DLL Proxying, DLL search order hijacking, Phantom DLL hijacking, DLL redirection, WinSxS DLL replacement, and relative path DLL Hijacking.
  • Beukema suggests a few prevention methods that can be used to deter such attacks, such as looking for activity in the mock windows \ folder, should one be present on your machine.
  • Also, adjusting UAC settings to “always notify” could help prevent attacks like this, should the end-user be savvy enough to understand what is about to be executed.
  • Another strategy is monitoring instances of DLL creation and loading from unexpected file paths:
  • When building , developers should enforce using absolute and not relative paths for loading DLLs, among several other techniques.
  • None of these may alone be sufficiently foolproof. However, when appropriately applied in conjunction, preventative measures such as those explained by the researcher can deter DLL hijacking attacks by a long shot.

Hot this week

Business

Only half of Singaporeans willing to reskill for the AI era, lagging behind regional peers

0
Only 53% of Singaporeans are willing to reskill for AI, according to the Decoding Global Talent 2024 report, highlighting key challenges.
Technology

YouTube’s new AI music remixer could let you transform songs with ease

0
YouTube’s experimental AI remixer lets creators transform tracks into new genres, adding personal flair to Shorts with AI-powered custom soundtracks.
Business

Pure Storage introduces GenAI pod to accelerate AI innovation

0
Pure Storage introduces the GenAI Pod and certifies FlashBlade//S500 with NVIDIA DGX SuperPOD to simplify AI deployments and accelerate innovation.
Geek

Japan tourism takes centre stage at Anime Festival Asia Singapore 2024

0
Discover Japan at Anime Festival Asia Singapore 2024 with JNTO’s interactive booth, featuring travel tips, omikuji fortunes, and exciting giveaways.
Technology

T-Mobile network infiltrated by hackers linked to China

0
China-linked hackers breached T-Mobile, accessing officials' data. T-Mobile says customers' data remains largely unaffected.

Topics

Reviews

UGREEN Surge Protector Power Strip review: Fast charging meets smart safety

0
The UGREEN Surge Protector Power Strip offers fast charging, 10-device support, and surge protection but faces durability concerns.
Business

Microsoft’s AI agents in Microsoft 365 to handle your mundane tasks

0
Boost productivity with Microsoft 365's new AI agents, handling tasks in SharePoint, Teams, and Planner for better efficiency and collaboration.
Business

New features in GPT-4o enhance creativity and efficiency

0
GPT-4o enhances creative writing with improved speed, capabilities, and cost-efficiency, offering tailored and natural responses for users.
Technology

The Windows 11 24H2 update continues to cause problems

0
Windows 11 24H2 update causes time zone bugs, audio glitches, and sync issues; Microsoft promises fixes in the next update.

Related Articles

Popular Categories

TechnologyBusinessGamingReviewsEditor’s ChoiceGeek
Previous article
ASUS ExpertBook B9450: A lightweight and powerful business laptop
Next article
11 inspiring women-run startups you should know about

Tech Edition is a news and media website for enterprise and technology. Latest insights and blogs on tech, business & gaming in Southeast Asia.

Tech Edition delivers distinctive content from every part of the universe, thoughtfully crafted by independent tech enthusiasts and business leaders. It also offers partners a platform to reach out to passionate tech audiences.

Categories

Headlines

Warrix enhances internal communications with Slack to boost collaboration and efficiency

0
Warrix has transformed its internal communications with Slack, cutting time spent on meetings and improving collaboration by 30%.

Cybersecurity unicorn Semperis strengthens identity-driven resilience in Singapore after major funding success

0
Semperis enhances cybersecurity in Singapore with US$125M funding, partnerships, and training to combat growing cyber threats and ransomware attacks.

Canon Singapore and Temasek Polytechnic join forces to boost security training

0
Canon Singapore partners with Temasek Polytechnic to establish a Security Technology Experience Centre, enhancing training for security professionals in Singapore.

Perplexity launches shopping tool to challenge Google and Amazon

0
Discover Perplexity’s AI-powered shopping tool offering unbiased product suggestions, visual search, and one-click checkout for Pro subscribers.

Follow Us

Get important news delivered directly to your feed and stay connected!

Copyright © 2015 - 2024 Tech Edition (Tech Edt). All rights reserved. Made with ♥ by Octa Digital.
Powered by Exabytes. A subsidiary of: VISN Group