Delivering vulnerable signed kernel drivers remains popular among attackers

ESET researchers took an in-depth look into the abuse of vulnerable kernel drivers. Vulnerabilities in signed drivers are mostly utilized by game cheat developers to circumvent anti-cheat mechanisms, but they have also been observed being used by several APT groups and in commodity malware. Among the various types of kernel (the central component of the Windows operating system) drivers are “software” drivers that provide specific, non-hardware related features like software debugging and diagnostics, system analysis, … More →

The post …

attackers code don't miss drivers eset featured news kernel malware popular rootkits vulnerability vulnerable windows