Researchers spot bypass vulnerabilities in code hooking software

The issues affect at least 15 different products and three different hooking engines.
The issues affect at least 15 different products and three different hooking engines.

Researchers at enSilo spotted six common security issues in code hooking software that could allow an attacker to easily bypass the operating system and third party mitigations to inject malicious code.

The issues affect at least 15 different products and three different hooking engines, including the most popular commercial hooking engine Microsoft Detours, and stems from the incorrect implementation of code hooking and injections techniques, according to a July 19 blog post.  

“Practically it means that probably thousands of products are affected, incl. Office, meaning that millions of devices are affected by their vulnerability,” the blog said.

It is unclear how long the vulnerabilities have existed but researchers believe the Detours issues existed for at least eight years and said it was present in version 3.

Microsoft Detours is scheduled to be patched in August and anyone using the affected software should immediately update their software.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS