Vulnerability Management

Researchers spot bypass vulnerabilities in code hooking software

Researchers at enSilo spotted six common security issues in code hooking software that could allow an attacker to easily bypass the operating system and third party mitigations to inject malicious code.

The issues affect at least 15 different products and three different hooking engines, including the most popular commercial hooking engine Microsoft Detours, and stems from the incorrect implementation of code hooking and injections techniques, according to a July 19 blog post.  

“Practically it means that probably thousands of products are affected, incl. Office, meaning that millions of devices are affected by their vulnerability,” the blog said.

It is unclear how long the vulnerabilities have existed but researchers believe the Detours issues existed for at least eight years and said it was present in version 3.

Microsoft Detours is scheduled to be patched in August and anyone using the affected software should immediately update their software.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.