Newly-discovered Windows vulnerability affects all versions of Windows, with no fix in sight.

[wyattzx]

This is not getting the attention it deserves, and I apologize if this isn't the "right section" for it, but this is big.

Quote

Security researchers have discovered a new technique that could allow attackers to inject malicious code on every version of Microsoft's Windows operating system, even Windows 10, in a manner that no existing anti-malware tools can detect, threaten millions of PCs worldwide. Dubbed "AtomBombing," the technique does not exploit any vulnerability but abuses a designing weakness in Windows.

Source(s):

[thehackernews] [reddit]

 

Apologies for the lack of a header image, but I didn't want to use a generic stock photo. What do you guys think? This is not a hoax, as the source code to recreate the vulnerability is supplied in a link from the reddit comments, and users have demonstrated the vulnerability inside of VMs. 

 

Thoughts?

[RS2007GOD]

Its always been known just finualy leaked from the us governments box of spying bs #illuminati #tinfoilhat 

[Space Reptile]

Remember the NSA is spying on you

[SCHISCHKA]

i can't find a CVE or anything similar for this. just a blog reference.

[RainfallWithin]

NonaHexa, your title says:

Quote

Newly-discovered Windows vulnerability...

but your article says:

Quote

Dubbed "AtomBombing," the technique does not exploit any vulnerability...

 

Also, the source keeps saying,

Quote

Once injected into legitimate processes, the malware...

but doesn't mention how the malware gets onto the computer and how it injects itself.

 

I think that a good anti-malware program would prevent the file from being downloaded and executed in the first place.

[wyattzx]

12 minutes ago, RainfallWithin said:

NonaHexa, your title says:

but your article says:

 

Also, the source keeps saying,

but doesn't mention how the malware gets onto the computer and how it injects itself.

 

I think that a good anti-malware program would prevent the file from being downloaded and executed in the first place.

The vulnerability is not in a recent update or program, but in the design of Windows itself. The article is saying that there is no "new" vulnerability it uses, and it simply exploits a design flaw in the Windows OS design. This is not a single piece of malware, and anti-viruses do not pick it up, because this is a flaw in Windows, not on the side of malware but rather the OS itself. This is not unique to a single file or exploit, and any virus could exploit this flaw in Windows. 

[RainfallWithin]

1 minute ago, NonaHexa said:

The vulnerability is not in a recent update or program, but in the design of Windows itself. The article is saying that there is no "new" vulnerability it uses, and it simply exploits a design flaw in the Windows OS design. This is not a single piece of malware, and anti-viruses do not pick it up, because this is a flaw in Windows, not on the side of malware but rather the OS itself. This is not unique to a single file or exploit, and any virus could exploit this flaw in Windows. 

I see what you mean, but in order for the code to be injected, a malicious file has to be put on the computer to do it.

 

On the other hand, Microsoft could improve their process level restrictions, because the article mentions that once the malicious code in injected, it can bypass those level restrictions, which is probably what allows the code to go on and do more damage in further places.

[brwainer]

I don't think the implications of "with no fix in sight" are warranted. To me it implies that Microsoft is doing nothing about this and does not plan on fixing it. Zero day exploits come out all the time, for every OS. While it's important to spread awareness of them as soon as they are discovered, you can't place too much blame on the company unless the exploit has been publically known, or privately disclosed, for a few weeks with no patch available. And sometimes certain exploits legitimately take more than a month to patch anyway.

 

Edit: BTW I have read the article, and while I agree that possibly design decisions might have to be changed, I am certain that MS's engineers can design a way to prevent this exploit without breaking the majority of applications.

[AlTech]

1 hour ago, brwainer said:

I don't think the implications of "with no fix in sight" are warranted. To me it implies that Microsoft is doing nothing about this and does not plan on fixing it. Zero day exploits come out all the time, for every OS. While it's important to spread awareness of them as soon as they are discovered, you can't place too much blame on the company unless the exploit has been publically known, or privately disclosed, for a few weeks with no patch available. And sometimes certain exploits legitimately take more than a month to patch anyway.

 

Edit: BTW I have read the article, and while I agree that possibly design decisions might have to be changed, I am certain that MS's engineers can design a way to prevent this exploit without breaking the majority of applications.

Probably expect a fix sometime soon I'm guessing. Except half of Windows 10 users disables security updates.......

[BuckGup]

Very vague 

[tlink]

its a pretty easy exploit to launch, you can download it from github. here's a link:

 

https://github.com/BreakingMalwareResearch/atom-bombing/

[sazrocks]

Interesting, a few days after a massive vulnerability is found in Linux allowing anyone to get root priveleges  and affects over 10 years of Linux versions, a massive vulnerability in windows is found that affects all versions of it.

[zMeul]

MS needs to completely redesign the Windows Kernel, starting from scratch

the user space needs to be better handled, up to the point where user started apps cannot access each other unless stated otherwise (chain started) - doesn't Linux already does this?

[Centurius]

55 minutes ago, AluminiumTech said:

Probably expect a fix sometime soon I'm guessing. Except half of Windows 10 users disables security updates.......

Which is entirely on Microsoft for their shady shit.

[Prysin]

6 hours ago, Space Reptile said:

Remember the NSA is spying on you

we need more then bandaid solutions to stop this spying.

[2FA]

3 hours ago, SamStrecker said:

Very vague 

Unless you read the actual article. Basically Windows has a thing called Atom Tables that lets programs store data in strings, objects, etc. in the tables. The tables are shared so one program could theoretically manipulate the data of other programs. I would personally classify this as a vulnerability since the design and therefore code is flawed in that it lets programs manipulate other programs.

[Doobeedoo]

I'm sure MS will release security update. Though, they could do some core changes on OS level.