InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

windows app tables vulnerable

https://forums.informaction.com/viewtopic.php?t=22228

Page 1 of 1

windows app tables vulnerable

Posted: Fri Oct 28, 2016 9:52 pm
by morganism
"In researching new code injection techniques for Windows, enSilo researchers discovered a way that attackers could use to write malicious code into an atom table and force applications using the table to retrieve and execute the code."

http://www.darkreading.com/vulnerabilit ... ?print=yes

"An attacker that gains access to a Windows machine can easily use AtomBombing to inject code to any process that has equal privileges. But it is not a privilege-escalation attack, meaning it cannot be used to inject an administrative account from a non-administrative one

Re: windows app tables vulnerable

Posted: Sat Oct 29, 2016 2:21 pm
by yes_noscript
Whatever.
This is a normal vulnerable and the malware need to be started, so yes. A started malware can and will make damage to the system, period.
No matter what for damage or which exploit.

Re: windows app tables vulnerable

Posted: Sun Oct 30, 2016 10:11 pm
by Thrawn
I think an important point here is that the relevant malicious code could be very hard to detect in antivirus or similar scans.

Re: windows app tables vulnerable

Posted: Mon May 08, 2017 11:12 am
by lindseynicole010
thanks
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited