Ancient Windows Kernel Bug Leaves Microsoft OS Vulnerable To Hackers With No Fix In Sight

It's not uncommon for us to write about security issues, but it's pretty rare when we write about one that's not going to be fixed, per the guilty party. In this case, that guilty party is Microsoft, and the bug is one that has been around ever since the launch of Windows 2000. Whether or not it's truly severe, we'll really have to wait and see. Or, at least we suppose, since it's existed for 17 years already. 

The bug is related to a Windows API hook called PsSetLoadImageNotifyRoutine, which lets the kernel know that a new module has been loaded. The problem, allegedly, is that invalid module names can be reported, ultimately tricking security software that relies on Windows APIs into handling that particular module in a different way (which could be to ignore it entirely).

Windows 10 is one of many Windows OSes affected by this bug

Interestingly, the bug is caused by a very simple error in the code for the Windows kernel, but despite it being seemingly simple to fix, Microsoft has commented to say that it's evaluated the bug, and has concluded that its risk is minimal enough to not fix it. That leads us to believe that Microsoft may not want to patch the bug up in case it causes issues in unexpected places - this is quite possible considering the fact that this bug has existed for nearly two decades.

With that said, if the bug were truly severe, it seems very likely that Microsoft would suck it up and patch it anyway. The company has made it clear that this is a non-issue, so that's all we can take it as right now. Considering the bug has been around for so long and hasn't been exploited up to this point, it's one that we hopefully won't have to think about again.


Via:  ZDNet