lundi 25 avril 2016

A regsvr32 hack is all it takes to bypass Windows' AppLocker security

A security researcher has discovered a way to get around Windows' AppLocker security system. Casey Smith found that it was possible to use Regsvr32 to call up a remotely hosted file that could be used to run any application -- malicious or otherwise -- of your choice. This is something that will be a concern to companies, many of whom rely on AppLocker as it restricts what users are able to run on their computers. What is particularly concerning is the fact that the exploit does not require administrator privileges, and doesn't make any changes to the registry which makes… [Continue Reading]


Aucun commentaire:

Enregistrer un commentaire