
Windows Zero-day Exploit Allows Hackers to Take Over any Installed Application

When computer operating systems start to turn on their users, things are not looking good by any means. A new zero-day attack that affects the Windows operating system will turn installed antivirus solutions into a legitimate malware threat. Antivirus vendors are not too concerned about this situation right now, even though it is still a troublesome development.

Compromising Antivirus Solutions is The Latest Hacker Trick

The DoubleAgent attack is a new zero-day attack vector targeting Windows operating system users all over the world. It appears DoubleAgent takes advantage of a legitimate Windows tool, which makes the whole ordeal quite worrisome. Cyber criminals can take advantage of the Microsoft Application Verifier tool and turn installed antivirus solutions into a malware threat.

To be more specific, DoubleAgent takes advantage of an undocumented feature in the Microsoft Application Verifier. It appears this feature has been around ever since Windows XP came around. This feature allows developers to conduct runtime verification of their applications so they can address software issues. This same “tool” is now used to replace the legitimate verifier with a rogue version that gives assailants complete control over the application.

So far, it appears no vendor is safe from this zero-day exploit. Popular and lesser-known vendors are all vulnerable to criminals taking advantage of the Microsoft Application Verifier. To be more specific, the exploit gives assailants a relatively easy way to snoop on computer user activity, steal data from the system, and even spread to other devices connected to the same network.


Moreover, the assailants would be able to control the installed antivirus solution without being detected. To the end user, it will appear the antivirus program is operating just fine, even though that is not the case. This issue is not exactly new either, as all affected vendors were notified about this problem over three months ago. For some reason, very few vendors issued a patch to address this problem, which means computers around the world are still vulnerable to this attack.

Although it appears this threat mostly pertains to hijacking antivirus solutions right now, there is no limit as to what criminals can do. In fact, they can use this exploit to gain control over any other application installed on the computer. All an assailant has to do is execute the exploit with the requested application name and the attack will occur automatically. This leaves computers wide open to many different types of hijacking, that much is certain.

Antivirus vendors are not overly concerned about this zero-day exploit right now, though. In fact, doing real harm would require assailants to write directly to the Windows registry, which can only be done by someone with Administrator privileges. It is not unlikely an attacker could obtain these credentials, even though it somewhat reduces the threat level. That being said, this exploit should not be overlooked by any means, as it still puts Windows users at risk.
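Because the attack depends on a registry write, defenders can audit for it. The following is an added example, not code from the article or from the researchers: it parses `reg query ... /s` output for the Image File Execution Options key and lists images whose `VerifierDlls` value names a provider outside an allowlist. The key and value names reflect how Application Verifier registers providers and are not stated in the article; the allowlist and all sample entries are assumptions constructed for illustration.

```python
import re

# Assumption: provider DLLs that Application Verifier itself installs; extend as needed.
KNOWN_PROVIDERS = {"vrfcore.dll", "vfbasics.dll", "vfcompat.dll"}
FLG_APPLICATION_VERIFIER = 0x100  # GlobalFlag bit that turns the verifier on
IFEO = "\\image file execution options\\"

# Constructed sample of `reg query "<IFEO key>" /s` output (all image names made up).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devtool.exe
    GlobalFlag    REG_DWORD    0x100
    VerifierDlls    REG_SZ    vrfcore.dll vfbasics.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exampleav.exe
    GlobalFlag    REG_DWORD    0x100
    VerifierDlls    REG_SZ    unknownprovider.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\legacyapp.exe
    VerifierDlls    REG_SZ    C:\Temp\vrfcore.dll
"""

def parse_reg_query(text):
    """Return {image name: {value name: data}} for each IFEO subkey."""
    entries, current = {}, None
    for line in text.splitlines():
        if not line.startswith(" "):  # key line (blank lines and the IFEO root reset state)
            idx = line.lower().find(IFEO)
            image = line[idx + len(IFEO):].lower() if idx != -1 else ""
            current = entries.setdefault(image, {}) if image and "\\" not in image else None
        elif current is not None:     # value line: name, type, data
            parts = re.split(r"\s{4}", line.strip(), maxsplit=2)
            if len(parts) == 3:
                current[parts[0].lower()] = parts[2].strip()
    return entries

def audit(entries):
    """List (image, unexpected DLLs, verifier enabled?) for review."""
    findings = []
    for image, values in sorted(entries.items()):
        dlls = values.get("verifierdlls", "").lower().split()
        unexpected = [d for d in dlls if d not in KNOWN_PROVIDERS]  # path-qualified names never match
        if unexpected:
            enabled = bool(int(values.get("globalflag", "0"), 16) & FLG_APPLICATION_VERIFIER)
            findings.append((image, unexpected, enabled))
    return findings

if __name__ == "__main__":
    for image, dlls, enabled in audit(parse_reg_query(SAMPLE)):
        print(f"{image}: unexpected verifier DLL(s) {dlls}, verifier enabled={enabled}")
```

Any hit on a security product's executable deserves investigation, and the same key is worth watching for new writes in registry auditing or EDR telemetry.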


JP Buntinx
