Kaspersky reveal a critical security vulnerability in the “windows” used by a criminal group of unknown

The company said Kaspersky Lab ‘s technologies automated own discovered a vulnerability in the operating system “Windows” from Microsoft, have been exploited by a criminal group Anonymous in an attempt to control on your target system kernel. attack through the rear port was constructed from one of the key elements in the operating system.

And rear ports kind the risk of malware because they allow third threat to control infected machines in a way hidden for subversive purposes. Usually the acquisition of third-party privileges runs out the top of difficult to hide it for security solutions, only to back home which is the gap of unknown in the system, attacks immediate without waiting for a Zero-day, be his chance to skip the security solutions are much higher. And can for normal security to identify the infection of the system, as it can’t of course protect users from the threat of undetected.

Despite that, managed technology Kaspersky Lab to prevent exploitation of the discovery of the attempt to exploit the vulnerability the operating system “Windows” from Microsoft. Represent the attack scenario, which was found on the street to install malicious software as soon as you launch the executable file with extension exe. Used injury this gap and got the privileges to ensure the continuation of its presence on the victim machine.

Began software malicious after that in the establishment of the rear port depending on the element of a formal and legitimate elements of the system “Windows”, available on all devices working operating system that is built programming language called Windows PowerShell. This has allowed for the subversive to sneak in silently, avoiding detection, allowing no time to write code for tools malware, before you malicious software download the rear port of another of the official service known to store text, which in turn grants criminals complete control over the banking system.

He noted Anton Ivanov, the expert of security among Kaspersky Lab, “there are two major” said that he had seen in this attack is often seen in advanced persistent threats; the first is to exploit the upgrade privileges to access local ensure the hold on the victim machine, and the second lies in the use of the brown company such as Windows PowerShell to actively sabotage the victim’s PC, he added, explaining: “this prevents the expansion of the subversion of the ability to skip security solutions basic, so it should use a security solution involves engines for the Prevention of exploitation and authority in order to evade detection by these methods”.

Related topics what you read now:

Has been reported to Kaspersky Lab Microsoft vulnerabilities that have been corrected on 10 April. To prevent installing the rear ports through a vulnerability in the “windows” recommends Kaspersky Lab quickly to patch the vulnerability in the system “Windows”, once you download the patch your holes security lose the disruptive ability to use them.

It also recommends that the company makes sure to update all software to the institutional, as soon as the version of any patch for a new security, with the freedom to use the security product able to assess the gaps and manage the debug code to make sure that these processes are done automatically. Recommends using a security solution installed, no detection capabilities-based goods, such as Kaspersky Endpoint Security, for protection from unknown threats.

Leave a Reply

Your email address will not be published. Required fields are marked *