A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit
Security researchers have disclosed an unpatched weakness in the Microsoft Windows Platform Binary Table (WPBT) affecting all Windows-based devices since Windows 8 that could potentially be exploited to install a rootkit and compromise the integrity of devices.
"These flaws make every Windows system vulnerable to easily-crafted attacks that install fraudulent vendor-specific tables," researchers from Eclypsium said in a report published on Monday.
WPBT, introduced with Windows 8 in 2012, is a feature that enables "boot firmware to provide Windows with a platform binary that the operating system can execute."
Given the functionality's ability to have such software "stick to the device indefinitely," Microsoft has warned of potential security risks that could arise from misuse of WPBT, including the possibility of deploying rootkits on Windows machines.
"Because this feature provides the ability to persistently execute system software in the context of Windows, it becomes critical that WPBT-based solutions are as secure as possible and do not expose Windows users to exploitable conditions," the Windows maker notes in its documentation.
In response to the findings, Microsoft has recommended using a Windows Defender Application Control policy to tightly control what binaries can be permitted to run on the devices.