Latest in Gear

Image credit: Reuters/Mike Segar

Exploit gets around Windows' app security safeguards

Microsoft's AppLocker is defenseless if you point to a remote file.
243 Shares
Share
Tweet
Share

Sponsored Links

Reuters/Mike Segar

For years, business-focused versions of Windows have had an AppLocker feature that lets you blacklist or whitelist apps. It's undoubtedly helpful for companies eager to keep malware (or just risky software) off their network. However, researcher Casey Smith has discovered a vulnerability in Windows that gets around this barrier. If you tell Regsvr32 to point to a remotely hosted file (such as a script), you can make a system run whichever app you want -- just what hackers and virus writers are looking for. It's stealthy, too, as it doesn't require administrator access or give itself away through registry changes.

There isn't a known patch for the flaw yet, but we've asked Microsoft for comment and will let you know if it has something to say. In the meantime, there is a stopgap. Eric Rand suggests telling Windows Firewall to block Regsvr32, which prevents it from accessing online files. While that's not very convenient if you have a whole office's worth of PCs to protect, it beats the alternative.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
243 Shares
Share
Tweet
Share

Popular on Engadget

'State of Decay 2' is getting a major free update

'State of Decay 2' is getting a major free update

View
The Morning After: The Galaxy Z Flip's glass screen isn't as tough as we thought

The Morning After: The Galaxy Z Flip's glass screen isn't as tough as we thought

View
Rumors resurface about 'Diablo' and 'Overwatch' animated series

Rumors resurface about 'Diablo' and 'Overwatch' animated series

View
Adam Savage turned Spot the robodog into a creepy rickshaw driver

Adam Savage turned Spot the robodog into a creepy rickshaw driver

View
UK to spend $1.6 billion on the world's fastest weather supercomputer

UK to spend $1.6 billion on the world's fastest weather supercomputer

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr