Hackers Exploit Policy Loophole in Windows Kernel Drivers

In a blog post published on July 11, researchers from Cisco Talos described how they had discovered the malicious activity, which takes advantage of a loophole in Microsoft’s Windows driver-signing policy that permits the signing and loading of cross-signed kernel mode drivers with signature timestamps earlier than July 29, 2015.

Researchers have discovered that hackers are loading malicious and unverified drivers with expired certificates utilising a Windows policy vulnerability for kernel mode drivers. The activity, which predominantly targets Windows users who speak Chinese, may grant threat actors full access to victims’ PCs.

Hackers Exploit Policy Loophole in Windows Kernel Drivers

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Hackers Exploit Policy Loophole in Windows Kernel Drivers

12-Jul-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address