COMPUTER USERS may not be aware of a new threat lurking inside their machines.
Experts have found vulnerabilities in three drivers that attack the Windows central component.
Microsoft is “trying to strengthen the operating system from the inside,” says expert[/caption]
The problem was detected in signed kernel drivers, after hundreds of checks.
They are mostly exploited by game developers to circumvent anti-cheat mechanisms.
But they have also been used by a number of advanced persistent threat groups and in easily acquired malware.
Cybersecurity agencies warn this is an unprotected “gateway to the core of Windows”.
“While there are a number of mechanisms used by the CPU and/or operating system, most of them can be bypassed by some clever and not very efficient techniques if the attacker prepares them ahead of time. term,” said Peter Kalnai of ESET, who led the study.
The experts detailed several known cyber threats that used a malicious technique, dubbed Bring Your Own Vulnerable Drivers (BYOVD).
These include Slingshot, InvisiMole, and RobbinHood.
Most Read on News Tech
“Vulnerable drivers have been a known problem for a long time and have been abused by the game cheat community and malware authors, and although some efforts have been implemented to mitigate the impact, it’s still an ongoing battle,” said Michal Poslusny, malware researcher at ESET.
“It seems that all responsible parties involved want to get this resolved – the vendors we contacted have been extremely proactive in the disclosure process, eager to fix vulnerabilities. that we discovered.
“Microsoft is trying to strengthen the operating system from the inside.
And last but not least, third-party security vendors are trying to come up with clever ways to detect and mitigate such drivers themselves.
“However, there still seems to be one piece missing – a common, unified way to handle these issues including more radical ‘disarming’ of drivers, whether by revoke or block their certificates, or some publicly shared block list passed by security. companies.”
Vulnerability used by people trying to circumvent the anti-cheat mechanism in the game[/caption]
In other news, Apple has become the first company to achieve a stock market valuation of$3 million (£2.22 billion).
Popular Twitch creator Slider hasbanned from the platformafter sharing nude photos of fellow streamer Amouranth.
And internet users have been encouragedcheck their online accountagainst one of the worst cyber threats of 2021.
We pay for your stories! Do you have a story for The Sun Online Science & Technology team? Email us at the address firstname.lastname@example.org
https://www.thesun.ie/uncategorized/8194654/pc-signed-kernel-drive-vulnerability-hack-attack/ Your computer can be hacked in seconds with a surprisingly simple error