Windows 10 inherits a kernel bug that’s existed for 17 years

mahit26@gmail.com' By: Sean Jeffries
2 minute read
Windows 10 kernel bug

Bugs are definitely an inconvenience to users, serving as pathways for attackers to gain access to a system. In fact, a bug is more like an unlocked back door. It has been recently unearthed that malware developers will be able to exploit a programming error in the Windows kernel and go undetected. The malicious modules will be loaded at runtime and even these can successfully avoid detection.

The bug apparently affects PsSetLoadImageNotifyRoutine, one of the mechanisms employed by security solutions to identify whether or not code has been loaded into the kernel or user space. Attackers can exploit this bug such that the PsSetLoadImageNotifyRoutine throws an invalid module name and with this, the attacker will disguise the malware as a legitimate operation.

The worst part, however, is that the bug affects all versions of Windows that have been released since Windows 2000. However, the issue only came to the light when Omri Misgav, security researcher at enSilo, discovered it while analyzing the Windows kernel code. The error has been inherited by Windows 10 as well.

At this point we were sure we figured out what causes the problem though what eluded us was how can it be that this bug still exists? And there’s no obvious solution for it?

PsSetLoadImageNotifyRoutine was introduced as a notification mechanism to notify app developers of newly registered drivers. Moreover, the mechanism was also integrated with antivirus software to allow the detection of malware that made changes to drivers.

Microsoft, on the other hand, doesn’t see this as a potential security issue and according to researchers, the bug was somewhat known. Since its root cause and other details are still not available, it’s very hard to substantiate their claims.

RELATED STORIES YOU NEED TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading