Security News > 2024 > August > Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

Cybersecurity researchers have uncovered design weaknesses in Microsoft's Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings.

Smart App Control is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being run on the system.

In cases where the service is unable to make a prediction about the app, it checks if it's signed or has a valid signature so as to be executed.

SmartScreen, which was released alongside Windows 10, is a similar security feature that determines whether a site or a downloaded app is potentially malicious.

"Smart App Control and SmartScreen have a number of fundamental design weaknesses that can allow for initial access with no security warnings and minimal user interaction," Elastic Security Labs said in a report shared with The Hacker News.

One of the easiest ways to bypass these protections is get the app signed with a legitimate Extended Validation certificate, a technique already exploited by malicious actors to distribute malware, as recently evidenced in the case of HotPage.

News URL

https://thehackernews.com/2024/08/researchers-uncover-flaws-in-windows.html