Advertise
Thursday, 18 December 2025
27.7 C
Singapore
27.3 C
Thailand
25.8 C
Indonesia
27.2 C
Philippines
type here...
Advertise
In brief Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking
Business
1 min.Read

In brief: Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking

Nurin Sofia
By Nurin Sofia
  • In a new report from a PwC UK security researcher Wietze Beukema, it shows that almost 300 Windows 10 executables are vulnerable to DLL hijacking.
  • A simple VBScript may be enough to allow users to gain administrative access and bypass UAC entirely on Windows 10.
  • “It turns out nearly 300 executables in your System32 folder are vulnerable to relative path DLL Hijacking. Did you know that with a simple VBScript some of these EXEs can be used to elevate such executions, bypassing UAC entirely?” noted Beukema.
  • The vulnerability referred to here is relative path DLL hijacking, which is when an attacker can cause a legitimate Windows executable to load an arbitrary DLL of the attacker’s choice, most likely with malicious intent.
  • DLL hijacking attacks can prove useful to a skilled attacker as they grant capabilities such as arbitrary code execution, privilege escalation, and persistence on the target system.
  • The various techniques of DLL hijacking covered by the Beukema’s blog post include DLL replacement, DLL Proxying, DLL search order hijacking, Phantom DLL hijacking, DLL redirection, WinSxS DLL replacement, and relative path DLL Hijacking.
  • Beukema suggests a few prevention methods that can be used to deter such attacks, such as looking for activity in the mock windows \ folder, should one be present on your machine.
  • Also, adjusting UAC settings to “always notify” could help prevent attacks like this, should the end-user be savvy enough to understand what is about to be executed.
  • Another strategy is monitoring instances of DLL creation and loading from unexpected file paths:
  • When building applications, developers should enforce using absolute and not relative paths for loading DLLs, among several other techniques.
  • None of these may alone be sufficiently foolproof. However, when appropriately applied in conjunction, preventative measures such as those explained by the researcher can deter DLL hijacking attacks by a long shot.

Hot this week

Technology

Tiiny AI unveils pocket-sized AI supercomputer verified by Guinness World Records

0
Tiiny AI reveals a Guinness-verified pocket-sized AI supercomputer designed to run massive models locally without relying on the cloud.
Gaming

Bradley the Badger blends satire and classic gaming in a new action adventure title

0
New action‑adventure game Bradley the Badger blends live action, satire, and creative gameplay with actor Evan Peters leading the journey.
Gaming

PGL brings Counter-Strike 2 Major to Singapore in November 2026

0
PGL confirms the Counter-Strike 2 Major is coming to Singapore in November 2026, marking the first CS2 Major in Southeast Asia.
Technology

Samsung Galaxy Z TriFold sells out first batch, second waitlist opens in Singapore

0
Samsung’s Galaxy Z TriFold sells out its first batch in Singapore, with a second waitlist now open for the premium tri-fold phone.
Technology

Apple’s next AirTag could introduce major upgrades to tracking and battery features

0
Apple’s next AirTag may bring improved pairing, longer tracking range and better battery reporting, based on features found in iOS 26.

Topics

Technology

Zoom introduces AI Companion 3.0 with a web-based assistant and expanded task automation

0
Zoom launches AI Companion 3.0, adding a web-based assistant that automates tasks, drafts emails and reshapes the platform into an AI workspace.
Technology

Huawei unveils Mate X7 foldable phone for global markets

0
Huawei unveils the global Mate X7 foldable phone in Dubai, detailing design updates, camera improvements, software limits and premium pricing.
Gaming

Dishonored and Deus Ex lead reflects on Arkane Austin’s closure

0
Harvey Smith reflects on Arkane Austin’s closure, Redfall’s challenges, and the human cost of layoffs in today’s games industry.
Technology

LG introduces Micro RGB evo TV ahead of CES 2026

0
LG unveils its first Micro RGB evo TV for CES 2026, promising wider colour gamut, higher brightness, and LCD performance closer to OLED.

Related Articles

Popular Categories

TechnologyBusinessGamingReviewsEditor’s ChoiceGeek
Previous article
ASUS ExpertBook B9450: A lightweight and powerful business laptop
Next article
11 inspiring women-run startups you should know about

Tech Edition is a news and media platform for enterprise and technology. Latest insights and blogs on tech, business & gaming in Asia.

Tech Edition delivers distinctive content from every part of the universe, thoughtfully crafted by independent tech enthusiasts and business leaders. It also offers partners a platform to reach out to passionate tech audiences.

Categories

Other Headlines

Zoom introduces AI Companion 3.0 with a web-based assistant and expanded task automation

0
Zoom launches AI Companion 3.0, adding a web-based assistant that automates tasks, drafts emails and reshapes the platform into an AI workspace.

Huawei unveils Mate X7 foldable phone for global markets

0
Huawei unveils the global Mate X7 foldable phone in Dubai, detailing design updates, camera improvements, software limits and premium pricing.

Dishonored and Deus Ex lead reflects on Arkane Austin’s closure

0
Harvey Smith reflects on Arkane Austin’s closure, Redfall’s challenges, and the human cost of layoffs in today’s games industry.

LG introduces Micro RGB evo TV ahead of CES 2026

0
LG unveils its first Micro RGB evo TV for CES 2026, promising wider colour gamut, higher brightness, and LCD performance closer to OLED.

Follow Us

Get important news delivered directly to your feed and stay connected!

Copyright © 2015 - 2025 Tech Edition (Tech Edt). All rights reserved. Made with ♥ by Octa Digital.
Powered by Exabytes. Stock images by Depositphotos. A subsidiary of: VISN Group