Categories
Anti-malware

Microsoft PatchGuard flaw could let hackers plant rootkits on x64 Windows 10 boxen

Redmond shrugs, says PC would already need to be thoroughly pwned

 

                             businessman shrugging - illustration via shutterstock

 

By John Leyden 22 Jun 2017
 

Flaws in Microsoft PatchGuard create a means for hackers to plant rootkits on Windows 10, 64-bit OS devices.

 

The newly discovered attack technique, dubbed GhostHook, allows attackers to completely bypass PatchGuard, security researchers at CyberArk Labs warn.

 

PatchGuard (formally known as Kernel Patch Protection) was developed to prevent Windows users patching the kernel, and by extension make the OS more secure by preventing hackers from running rootkits at the kernel level. CyberArk Labs reckons GhostHook is the first technique that thwarts the defensive technology to bypass PatchGuard and hook a rootkit at the kernel level.

 

Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico