‘Code Hooking’ Leads to Security Problems in Software Products
A technique called 'code hooking', which Microsoft as well as third-party security firms implemented improperly, left innumerable end users vulnerable to attacks that effectively bypassed mitigation measures. According to researchers, a few of these measures could be bypassed for as long as 10 years. Hooking is a technique that various software applications use to follow an operating system's workings so that they can intercept and alter its functioning, and sometimes even inject code into the OS.
The researchers, Udi Yavo and Tomer Bitton of enSilo, a company specializing in the prevention of data exfiltration, discovered six widely occurring security problems in more than fifteen software products. They found them while examining how software companies use hooking to add code to a process so that the sensitive application programming interface (API) calls the process makes can be intercepted, monitored, and changed.
Yavo and Bitton examined certain hooking engines along with the code injection methods that over 15 separate software programs employed. The software programs were popular anti-virus programs from the security companies McAfee, Kaspersky, AVG, BitDefender and Symantec; computer hacking protection solutions; anti-data-leak safeguards; and system exploitation prevention programs. Itnews.com posted this on July 20, 2016.
The researchers' interest in the study stems from an earlier investigation that identified security issues in the memory space of PCs that Kaspersky, McAfee and AVG worked on.
That earlier investigation, also by enSilo's researchers, found how difficult it was for anti-virus software to attach to other software programs or system APIs in order to check for malicious operations.
The other software programs, which included programs for examining performance and virtualization, were subject to malware infections that bypassed security software as well as anti-malware solutions for operating systems.
Microsoft is aiming to release a fix for this security-software bypass problem in August. Nevertheless, according to Yavo and Bitton, it may be difficult to develop an appropriate fix for software employing code hooking, because it would require reassembling all the flawed software programs.
Software companies are advised to patch their affected programs, while customers who own any of them should contact their providers for the same purpose.
» SPAMfighter News - 7/22/2016