Windows DOS-to-NT flaws exploited to achieve unprivileged rootkit-like capabilities | allinfosecnews.com

April 22, 2024, 10:25 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Researcher demonstrated how to exploit vulnerabilities in the Windows DOS-to-NT path conversion process to achieve rootkit-like capabilities. SafeBreach researcher Or Yair devised a technique, exploiting vulnerabilities in the DOS-to-NT path conversion process, to achieve rootkit-like capabilities on Windows. When a user executes a function with a path argument in Windows, the DOS path of the […]

argument capabilities conversion dos exploit exploited exploiting flaws function hacking information security news it information security path pierluigi paganini process researcher rootkit safebreach security vulnerabilities windows

More from securityaffairs.co / Security Affairs

North Korea-linked IT workers infiltrated hundreds of US firms 17 hours ago | securityaffairs.co

arizona breaking news charged charges +15

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs 1 day, 10 hours ago | securityaffairs.co

apt backdoor backdoors breach +18

City of Wichita disclosed a data breach after the recent ransomware attack 1 day, 18 hours ago | securityaffairs.co

attack breach breaking news city +19

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog 1 day, 21 hours ago | securityaffairs.co

agency binding operational directive bod breaking news +24

CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog 1 day, 23 hours ago | securityaffairs.co

agency breaking news catalog chrome +35

North Korea-linked Kimsuky APT attack targets victims via Messenger 2 days ago | securityaffairs.co

accounts agency amp analysis +32

Electronic prescription provider MediSecure impacted by a ransomware attack 2 days, 10 hours ago | securityaffairs.co

attack australia breaking news cyber +26

Google fixes seventh actively exploited Chrome zero-day this year, the third in a week 2 days, 18 hours ago | securityaffairs.co

actively exploited address attacks breaking news +26

Santander: a data breach at a third-party provider impacted customers and employees 2 days, 23 hours ago | securityaffairs.co

aware bank breach breaking news +18

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España

View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania

View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States

View on infosec-jobs.com