BoundHook Hooking Is Invisible to Windows 10’s PatchGuard | DataProtectionCenter.com – Tech and Security

BoundHook Hooking Is Invisible to Windows 10’s PatchGuard

19

Oct

2017

laptop-coding-1030x567

A newly discovered hooking technique can go completely undetected by the current implementation of PatchGuard, CyberArk security researchers warn.

Called BoundHook, the method relies on causing an exception in a very specific location in a user-mode context, as well as on catching that exception to gain control over the thread execution. It can bypass PatchGuard, or Kernel Patch Protection, which was designed by Microsoft to prevent malicious code from running at kernel level on 64-bit versions of Windows.

Tags: application security BoundHook CyberArk Kernel Patch Protection PatchGuard risk management Vulnerability

Written by Feedproxy

0 Comments

Leave a reply

Enter your comment here...

Categories

SUNDAY, FEBRUARY 23, 2025

WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Archives

Archives

About Us

Our mission is to help users and also IT security passionate to reach relevant information related to cyber security.

This publication contains a lot of information and guidance on how to better protect your IT systems, data and activities from malicious factors, and also on how to safely navigate the Internet.

We look forward to hearing from you about cyber safety. Please let us know if there’s something specific you’re interested in learning about.

Contact Us

Name *
Your name is required

E-mail *
Email address entered is invalid

Please enter a message

Incorrect security code

Copyright © 2025 DataProtectionCenter.com Tech and Security

Scroll Up