
In brief: Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking

  • A new report from PwC UK security researcher Wietze Beukema shows that almost 300 Windows 10 executables are vulnerable to DLL hijacking.
  • A simple VBScript may be enough to allow users to gain administrative access and bypass UAC entirely on Windows 10.
  • “It turns out nearly 300 executables in your System32 folder are vulnerable to relative path DLL Hijacking. Did you know that with a simple VBScript some of these EXEs can be used to elevate such executions, bypassing UAC entirely?” noted Beukema.
  • The vulnerability referred to here is relative path DLL hijacking, which is when an attacker can cause a legitimate Windows executable to load an arbitrary DLL of the attacker’s choice, most likely with malicious intent.
  • DLL hijacking attacks can prove useful to a skilled attacker as they grant capabilities such as arbitrary code execution, privilege escalation, and persistence on the target system.
  • The DLL hijacking techniques covered in Beukema’s blog post include DLL replacement, DLL proxying, DLL search order hijacking, phantom DLL hijacking, DLL redirection, WinSxS DLL replacement, and relative path DLL hijacking.
  • Beukema suggests a few prevention methods that can be used to deter such attacks, such as looking for activity in the mock `Windows \` folder (note the trailing space), should one be present on your machine.
  • Also, adjusting UAC settings to “always notify” could help prevent attacks like this, should the end-user be savvy enough to understand what is about to be executed.
  • Another strategy is monitoring instances of DLL creation and loading from unexpected file paths.
  • When building applications, developers should enforce using absolute and not relative paths for loading DLLs, among several other techniques.
  • None of these measures may be foolproof on its own. However, when applied together, preventative measures such as those explained by the researcher can go a long way towards deterring DLL hijacking attacks.
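
The monitoring strategy above (DLL loads from unexpected paths, including the mock `Windows \` folder) can be sketched as follows. This is an added example, not code from Beukema's report; it assumes image-load events exposing `Image` and `ImageLoaded` fields (as Sysmon image-load events do), and the trusted-directory list and sample file names are assumptions made for illustration.

```python
import ntpath

# Assumption for this example: the directories system DLLs are normally loaded from.
TRUSTED_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

def parent(path):
    """Lower-cased parent directory; spaces are kept because they matter here."""
    return ntpath.dirname(path).lower()

def is_mock_trusted(path):
    """True for look-alikes such as 'C:\\Windows \\System32' (trailing space)."""
    d = parent(path)
    collapsed = "\\".join(part.strip() for part in d.split("\\"))
    return d not in TRUSTED_DIRS and collapsed in TRUSTED_DIRS

def find_suspicious_loads(events):
    """events: dicts with 'Image' (process path) and 'ImageLoaded' (DLL path)."""
    # Baseline: DLL names that were seen loading from a trusted directory.
    system_dlls = {ntpath.basename(e["ImageLoaded"]).lower()
                   for e in events if parent(e["ImageLoaded"]) in TRUSTED_DIRS}
    findings = []
    for e in events:
        dll = e["ImageLoaded"]
        if is_mock_trusted(e["Image"]) or is_mock_trusted(dll):
            findings.append(("mock-trusted-directory", e["Image"], dll))
        elif (parent(dll) not in TRUSTED_DIRS
              and ntpath.basename(dll).lower() in system_dlls):
            # Same DLL name as a system DLL, but loaded from somewhere else.
            findings.append(("system-dll-name-from-unexpected-path", e["Image"], dll))
    return findings

# Constructed sample events; the file names are hypothetical.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\sysapp.exe",
     "ImageLoaded": r"C:\Windows\System32\helper.dll"},
    {"Image": r"C:\Users\alice\Downloads\sysapp.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\helper.dll"},
    {"Image": r"C:\Windows \System32\sysapp.exe",
     "ImageLoaded": r"C:\Windows \System32\helper.dll"},
    {"Image": r"C:\Program Files\Vendor\app.exe",
     "ImageLoaded": r"C:\Program Files\Vendor\vendor.dll"},
]

if __name__ == "__main__":
    for reason, image, dll in find_suspicious_loads(SAMPLE_EVENTS):
        print(f"{reason}: {image!r} loaded {dll!r}")
```

In practice the baseline of system DLL names would come from a known-good host rather than from the same event stream being analysed.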
