New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

Researchers studying security have discovered a novel form of dynamic link library (DLL) search order hijacking that threat actors might employ to get around security measures and execute malicious code on Microsoft Windows 10 and Windows 11 platforms. The cybersecurity company Security Joes stated in a new study that was privately shared with The Hacker News that the strategy “leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL search order hijacking technique.”

By doing this, adversaries can, as has been seen in the past, insert potentially vulnerable binaries into the attack chain and do away with the requirement for elevated privileges when trying to run malicious code on a compromised system.

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

01-Jan-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address