Gaping Windows security flaw leaves business PCs wide open
AppLocker can't defend against this exploit
An issue in the business versions of Microsoft Windows has been discovered which allows a hacker to dodge around AppLocker white-listing protection and successfully run a malicious app on a target machine.
The flaw in the enterprise versions of Windows 7 through to Windows 10 was discovered by security researcher Casey Smith, and is truly worrying because it doesn't require admin access to leverage, and neither does it leave any signs in the Registry.
The exploit involves using Regsvr32 and pointing it to a remotely hosted file at a location the hacker controls, thus allowing the running of any app including malicious applications with no worries about AppLocker protecting the intended victim.
Smith noted: "In order to further prove this out, I wrote a PowerShell server to handle execution and return output." He has put his proof of concept up on Github.
No patch yet
Obviously this is a very worrying prospect for businesses out there, particularly with the exploit becoming more widely known now it's being reported on. There's no patch for the problem as yet, but you would hope Redmond is prioritising this one.
As Engadget notes though, to be safe, you can always get your firewall to block Regsvr32, although obviously that's not an ideal solution.
Of late, Microsoft has been making a big deal of how secure Windows 10 is, but of course this flaw still affects the latest enterprise version of the OS. Earlier this month, Redmond even announced its intention to soon make it compulsory for the manufacturers of Windows 10 PCs, tablets and smartphones to include TPM 2.0 (Trusted Platform Module) in their devices for much improved security.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).