Advertise
Monday, 16 June 2025
29.3 C
Singapore
28.2 C
Thailand
20 C
Indonesia
28.3 C
Philippines
type here...
Advertise
In brief Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking
Business
1 min.Read

In brief: Report shows close to 300 Windows 10 executables vulnerable to DLL hijacking

Nurin Sofia
By Nurin Sofia
  • In a new report from a PwC UK security researcher Wietze Beukema, it shows that almost 300 Windows 10 executables are vulnerable to DLL hijacking.
  • A simple VBScript may be enough to allow users to gain administrative access and bypass UAC entirely on Windows 10.
  • “It turns out nearly 300 executables in your System32 folder are vulnerable to relative path DLL Hijacking. Did you know that with a simple VBScript some of these EXEs can be used to elevate such executions, bypassing UAC entirely?” noted Beukema.
  • The vulnerability referred to here is relative path DLL hijacking, which is when an attacker can cause a legitimate Windows executable to load an arbitrary DLL of the attacker’s choice, most likely with malicious intent.
  • DLL hijacking attacks can prove useful to a skilled attacker as they grant capabilities such as arbitrary code execution, privilege escalation, and persistence on the target system.
  • The various techniques of DLL hijacking covered by the Beukema’s blog post include DLL replacement, DLL Proxying, DLL search order hijacking, Phantom DLL hijacking, DLL redirection, WinSxS DLL replacement, and relative path DLL Hijacking.
  • Beukema suggests a few prevention methods that can be used to deter such attacks, such as looking for activity in the mock windows \ folder, should one be present on your machine.
  • Also, adjusting UAC settings to “always notify” could help prevent attacks like this, should the end-user be savvy enough to understand what is about to be executed.
  • Another strategy is monitoring instances of DLL creation and loading from unexpected file paths:
  • When building applications, developers should enforce using absolute and not relative paths for loading DLLs, among several other techniques.
  • None of these may alone be sufficiently foolproof. However, when appropriately applied in conjunction, preventative measures such as those explained by the researcher can deter DLL hijacking attacks by a long shot.

Hot this week

Business

Keeper Security named overall leader in GigaOm report for enterprise password management

0
Keeper Security is named GigaOm's Overall Leader in enterprise password management for the fourth year, praised for innovation and usability.
Business

Informatica deepens partnership with Databricks to support new Iceberg and OLTP services

0
Informatica joins Databricks as launch partner for new Iceberg and OLTP solutions, introducing AI tools to speed up GenAI development.
Technology

REDMAGIC 10S Pro launches in Singapore with upgraded Snapdragon 8 Elite chip

0
REDMAGIC launches its 10S Pro gaming phone in Singapore with the Snapdragon 8 Elite chip, 144Hz display, and up to 24GB RAM.
Business

Proofpoint opens new Singapore office to expand APAC operations and AI capabilities

0
Proofpoint opens new Singapore office to expand APAC presence and boost AI-led, human-centric cybersecurity efforts across the region.
Technology

Coco Robotics secures US$80 million to expand delivery robot services

0
Coco Robotics raises US$80M to expand its eco-friendly delivery robots. It is backed by Sam Altman and partnered with OpenAI for real-world AI training.

Topics

Business

Informatica deepens partnership with Databricks to support new Iceberg and OLTP services

0
Informatica joins Databricks as launch partner for new Iceberg and OLTP solutions, introducing AI tools to speed up GenAI development.
Business

Hong Kong opens skies to larger drones in bid to grow low-altitude economy

0
Hong Kong will allow the testing of larger drones to boost its low-altitude economy and improve logistics, following mainland China's lead.
Technology

Hong Kong to build new AI supercomputing centre in bid to lead global tech race

0
Hong Kong plans a new AI supercomputing centre to boost its tech hub status and support growing start-ups across the Greater Bay Area.
Gaming

Steam adds full native support for Apple Silicon Macs

0
Steam runs natively on Apple Silicon Macs, ditching Rosetta 2 for smoother performance and better gaming on M1 and M2 devices.

Related Articles

Popular Categories

TechnologyBusinessGamingReviewsEditor’s ChoiceGeek
Previous article
ASUS ExpertBook B9450: A lightweight and powerful business laptop
Next article
11 inspiring women-run startups you should know about

Tech Edition is a news and media website for enterprise and technology. Latest insights and blogs on tech, business & gaming in Southeast Asia.

Tech Edition delivers distinctive content from every part of the universe, thoughtfully crafted by independent tech enthusiasts and business leaders. It also offers partners a platform to reach out to passionate tech audiences.

Categories

Other Headlines

Informatica deepens partnership with Databricks to support new Iceberg and OLTP services

0
Informatica joins Databricks as launch partner for new Iceberg and OLTP solutions, introducing AI tools to speed up GenAI development.

Hong Kong opens skies to larger drones in bid to grow low-altitude economy

0
Hong Kong will allow the testing of larger drones to boost its low-altitude economy and improve logistics, following mainland China's lead.

Hong Kong to build new AI supercomputing centre in bid to lead global tech race

0
Hong Kong plans a new AI supercomputing centre to boost its tech hub status and support growing start-ups across the Greater Bay Area.

Steam adds full native support for Apple Silicon Macs

0
Steam runs natively on Apple Silicon Macs, ditching Rosetta 2 for smoother performance and better gaming on M1 and M2 devices.

Follow Us

Get important news delivered directly to your feed and stay connected!

Copyright © 2015 - 2025 Tech Edition (Tech Edt). All rights reserved. Made with ♥ by Octa Digital.
Powered by Exabytes. Stock images by Depositphotos. A subsidiary of: VISN Group