Open Door: Unix Open Source Vulnerabilities Affect Mac OS X

Research, enSilo Corporate and Product, Mac OS X, Unix, Vulnerabilities

Today, Apple’s MacOS X 10.12.4 update includes security fixes for several open source vulnerabilities. The

Command Injection/Elevation – Environment Variables Revisited

Vulnerabilities, command injection, elevation, variables, enSilo Breaking Malware, UAC, Windows, code injection, enSilo Corporate and Product

Windows environment variables can be used to run commands and can also be used to bypass UAC, allowing an

Elastic Boundaries – Elevating privileges by environment variables expansion

Vulnerabilities, bypass UAC, elevation, environment variable, path redirect, variable expansion, enSilo Breaking Malware, UAC, Windows, code injection, enSilo Corporate and Product

Even though any process is provided with variables from its environment, they are often overlooked by

Captain Hook: Pirating AVs to Bypass Exploit Mitigations

Vulnerabilities, av, Detours, hooking, vulnerability, enSilo Breaking Malware, Windows, code injection, enSilo Corporate and Product

TL;DR: We found 6(!) different common security issues that stem from incorrect implementation of code

Sedating the Watchdog: Abusing Security Products to Bypass Mitigations

tools, Vulnerabilities, anti-virus, av, avulnerabilitychecker, Windows, enSilo Breaking Malware, enSilo Corporate and Product

TL;DR: Design issues in various security products, such as anti-virus, make it significantly easier for

Class Dismissed: 4 Use-After-Free Vulnerabilities in Windows

Vulnerabilities, Windows, vulnerability, exploit, enSilo Breaking Malware, enSilo Corporate and Product

Introduction

Today, Microsoft released their latest Patch Tuesday. This Patch includes a fix for

Vulnerability Patching: Learning from AVG on Doing it Right.

Vulnerabilities, enSilo Breaking Malware, Windows, enSilo Corporate and Product

Introduction

As part of our research, we analyze the intricate relationship between Anti-Virus and
