
In brief: Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking

  • A new report from PwC UK security researcher Wietze Beukema shows that almost 300 Windows 10 executables are vulnerable to DLL hijacking.
  • A simple VBScript may be enough to allow users to gain administrative access and bypass UAC entirely on Windows 10.
  • “It turns out nearly 300 executables in your System32 folder are vulnerable to relative path DLL Hijacking. Did you know that with a simple VBScript some of these EXEs can be used to elevate such executions, bypassing UAC entirely?” noted Beukema.
  • The vulnerability referred to here is relative path DLL hijacking, which is when an attacker can cause a legitimate Windows executable to load an arbitrary DLL of the attacker’s choice, most likely with malicious intent.
  • DLL hijacking attacks can prove useful to a skilled attacker as they grant capabilities such as arbitrary code execution, privilege escalation, and persistence on the target system.
  • The DLL hijacking techniques covered in Beukema’s blog post include DLL replacement, DLL proxying, DLL search order hijacking, phantom DLL hijacking, DLL redirection, WinSxS DLL replacement, and relative path DLL hijacking.
  • Beukema suggests a few prevention methods that can be used to deter such attacks, such as looking for activity in the mock "Windows \" folder, should one be present on your machine.
  • Also, adjusting UAC settings to “always notify” could help prevent attacks like this, should the end-user be savvy enough to understand what is about to be executed.
  • Another strategy is monitoring instances of DLL creation and loading from unexpected file paths.
  • When building applications, developers should enforce using absolute and not relative paths for loading DLLs, among several other techniques.
  • None of these measures may be sufficiently foolproof alone. However, when appropriately applied in conjunction, preventative measures such as those explained by the researcher can deter DLL hijacking attacks by a long shot.
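
The two monitoring suggestions above (activity in a mock Windows folder, and DLLs loading from unexpected paths) can be sketched as a triage script over image-load events. This is an added example, not code from Beukema's report: the Image and ImageLoaded fields follow Sysmon image-load events, while the trusted-directory baseline, the DLL name set and the sample events are constructed placeholders.

```python
import ntpath

# Assumed baseline: directories from which system DLLs normally load.
TRUSTED_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64", r"c:\windows\winsxs")

def has_trailing_space_dir(path):
    """True if a directory component ends in a space, as in 'C:\\Windows \\System32'."""
    return any(part != part.rstrip(" ") for part in path.split("\\")[:-1])

def in_trusted_dir(path):
    """True if the file sits in a trusted directory or one of its subdirectories."""
    folder = ntpath.dirname(path).lower()
    return any(folder == t or folder.startswith(t + "\\") for t in TRUSTED_DIRS)

def classify(event, system_dlls):
    """Return the reasons (possibly none) an image-load event deserves review."""
    image, loaded = event["Image"], event["ImageLoaded"]
    reasons = []
    if has_trailing_space_dir(image) or has_trailing_space_dir(loaded):
        reasons.append("mock-trusted-directory")
    if ntpath.basename(loaded).lower() in system_dlls and not in_trusted_dir(loaded):
        reasons.append("system-dll-from-unexpected-path")
        # The DLL sitting next to the executable is the relative path pattern.
        if ntpath.dirname(loaded).lower() == ntpath.dirname(image).lower():
            reasons.append("dll-beside-executable")
    return reasons

def scan(events, system_dlls):
    """Return (loaded path, reasons) for every event with at least one reason."""
    return [(e["ImageLoaded"], r) for e in events if (r := classify(e, system_dlls))]

# Constructed sample data: placeholder names, not real Windows binaries.
SYSTEM_DLLS = {"sysdep.dll"}  # in practice, the DLL names inventoried from System32
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\sysapp.exe",
     "ImageLoaded": r"C:\Windows\System32\sysdep.dll"},
    {"Image": r"C:\Users\alice\Downloads\sysapp.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\sysdep.dll"},
    {"Image": r"C:\Windows \System32\sysapp.exe",
     "ImageLoaded": r"C:\Windows \System32\sysdep.dll"},
    {"Image": r"C:\Program Files\App\app.exe",
     "ImageLoaded": r"C:\Program Files\App\helper.dll"},
]

if __name__ == "__main__":
    for path, reasons in scan(SAMPLE_EVENTS, SYSTEM_DLLS):
        print(f"{path!r}: {', '.join(reasons)}")
```

The trailing-space check runs on both paths because a directory named "Windows " never matches the trusted baseline, so it is reported even when the DLL name is not in the inventory.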
