Code Hooking Is The Hidden Devil Behind Vulnerable Security Software
The Very Software That Keeps You Safe Could Be Vulnerable…
Researchers from the data exfiltration company enSilo found 6 common security issues that affect more than 15 products and 3 different hooking engines, including the most famous commercial hooking engine in the world, Microsoft Detours. According to their blog post on July 19, these issues stem from incorrect implementations of code hooking and injection techniques.
Who is affected?
This problem affects not only security software such as popular antivirus products but also other common software such as Microsoft Office, which leaves millions of devices vulnerable.
Some of the vendors affected are listed below:
- Microsoft’s hooking engine, Detours. Quoting Microsoft.com: “Under commercial release for over 10 years, Detours is licensed by over 100 ISVs [independent software vendors] and used within nearly every product team at Microsoft.”
- Citrix XenDesktop
Some of the vendors patched their software quickly after being notified over the past few months, but others still need to act.
How bad is it?
Most of these vulnerabilities allow hackers to bypass operating system and third-party exploit mitigation systems. This makes the attacker’s work quite easy, letting them exploit flaws that would normally be unlikely or even impossible to exploit.
It is unclear exactly how long these vulnerabilities have existed, but the issue in Microsoft Detours has existed for at least 8 years and is now scheduled for patching in August.
Security Or Insecurity
Software meant to provide security to users has time and again proved vulnerable in the recent past. Last month, flaws were discovered in Symantec security products by Google’s Project Zero team. Kaspersky products were also found vulnerable in other research.
FireEye’s security product was apparently hacked by Los Angeles-based researcher Kristian Erik Hermansen, who revealed on Twitter that he had found ‘at least four’ security flaws in the company’s core product.
All this raises doubt in the mind of the ordinary user, who expects this software to keep them secure. We hope these software vendors become more serious about the security of their own products.
Stay tuned for the latest updates!