FindADetour: The Tool that Tests for Vulnerable Microsoft's Detours

Research, enSilo Corporate and Product, FindADetour, hooking, Windows, Malware

Today’s Microsoft September Patch Tuesday includes a patch that Microsoft tagged as a fix for Microsoft Office. Behind the scenes, however, that fix extends beyond Microsoft Office to hundreds of applications developed by Microsoft as well as hundreds of other software vendors. Accordingly, this fix affects millions of users – from those


Intrusive Applications: 6 Security Issues to Watch Out for in Hooking

Research, enSilo Corporate and Product, Windows, hooking, Malware, code injection

For over a year our enSilo researchers have been looking into hooking engines and injection methods used by different vendors. It all started back in 2015 when we noticed an injection issue in AVG, but this was only the tip of the iceberg. A few months after that we noticed similar issues in McAfee and Kaspersky Anti-Virus. At that point we decided


Captain Hook: Pirating AVs to Bypass Exploit Mitigations

Vulnerabilities, av, Detours, hooking, vulnerability, enSilo Breaking Malware, Windows, code injection, enSilo Corporate and Product

TL;DR: We found 6(!) different common security issues that stem from incorrect implementation of code hooking and injection techniques. These issues were found in more than 15 different products. The most impactful discovery was that three different hooking engines also suffer from these kinds of problems, including the most popular commercial
