A kernel bug that impacts Windows versions released over the past decade and a half remains unpatched, enSilo security researchers claim.
The security researchers claim to have discovered a Windows kernel bug created as the result of a programming error and which prevents security vendors from identifying modules that have been loaded at runtime.
The issue, they say, impacts PsSetLoadImageNotifyRoutine, a function that should notify of module loading. However, the researchers discovered that, “after registering a notification routine for loaded PE images with the kernel, the callback may receive invalid image names.”
Leave a reply