Wednesday, 30 April 2025

In brief: Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking

  • A new report from PwC UK security researcher Wietze Beukema shows that almost 300 Windows 10 executables are vulnerable to DLL hijacking.
  • A simple VBScript may be enough to allow users to gain administrative access and bypass UAC entirely on Windows 10.
  • “It turns out nearly 300 executables in your System32 folder are vulnerable to relative path DLL Hijacking. Did you know that with a simple VBScript some of these EXEs can be used to elevate such executions, bypassing UAC entirely?” noted Beukema.
  • The vulnerability referred to here is relative path DLL hijacking, which is when an attacker can cause a legitimate Windows executable to load an arbitrary DLL of the attacker’s choice, most likely with malicious intent.
  • DLL hijacking attacks can prove useful to a skilled attacker as they grant capabilities such as arbitrary code execution, privilege escalation, and persistence on the target system.
  • The DLL hijacking techniques covered in Beukema’s blog post include DLL replacement, DLL proxying, DLL search order hijacking, phantom DLL hijacking, DLL redirection, WinSxS DLL replacement, and relative path DLL hijacking.
  • Beukema suggests a few prevention methods that can be used to deter such attacks, such as looking for activity in the mock “Windows \” folder, should one be present on your machine.
  • Also, adjusting UAC settings to “always notify” could help prevent attacks like this, should the end-user be savvy enough to understand what is about to be executed.
  • Another strategy is monitoring instances of DLL creation and loading from unexpected file paths.
  • When building applications, developers should enforce using absolute and not relative paths for loading DLLs, among several other techniques.
  • No single one of these measures may be foolproof on its own. Applied together, however, preventative measures such as those explained by the researcher can go a long way toward deterring DLL hijacking attacks.
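
The two detection ideas above (activity in a mock “Windows \” folder, and DLLs loading from unexpected paths) can be combined into one check over image-load telemetry. The following is an added example, not code from Beukema's report: it assumes records shaped like Sysmon image-load events with `Image` and `ImageLoaded` fields, and the trusted directories, file names and sample events are constructed placeholders.

```python
import ntpath  # Windows path rules, usable on any OS

# Assumption: locations where system binaries legitimately live on this fleet.
TRUSTED_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")

def has_padded_component(path):
    """True if a directory name has leading/trailing whitespace ('Windows ')."""
    return any(p != p.strip() for p in path.split("\\")[:-1] if p)

def in_trusted_dir(path):
    folder = ntpath.dirname(path).lower()
    return any(folder == t or folder.startswith(t + "\\") for t in TRUSTED_DIRS)

def review_image_load(event, system_names):
    """Findings for one image-load record ('Image' = process, 'ImageLoaded' = DLL)."""
    image, dll = event["Image"], event["ImageLoaded"]
    findings = []
    if has_padded_component(image) or has_padded_component(dll):
        findings.append("mock-folder")
    if ntpath.basename(image).lower() in system_names and not in_trusted_dir(image):
        findings.append("system-exe-outside-trusted-dir")
    if ntpath.basename(dll).lower() in system_names and not in_trusted_dir(dll):
        findings.append("system-dll-outside-trusted-dir")
    return findings

# Constructed baseline and events; file names are placeholders, not real binaries.
SYSTEM_NAMES = {"sampletool.exe", "samplelib.dll"}
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\sampletool.exe",
     "ImageLoaded": r"C:\Windows\System32\samplelib.dll"},
    {"Image": r"C:\Windows \System32\sampletool.exe",
     "ImageLoaded": r"C:\Windows \System32\samplelib.dll"},
    {"Image": r"C:\Users\alice\Downloads\sampletool.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\samplelib.dll"},
    {"Image": r"C:\Program Files\Vendor App\app.exe",
     "ImageLoaded": r"C:\Program Files\Vendor App\helper.dll"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["ImageLoaded"], "->", review_image_load(ev, SYSTEM_NAMES) or "ok")
```

In practice the set of system file names would be built from an inventory of a known-good System32 directory rather than typed by hand.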
