Head Topics

Bad apps bypass Windows security alerts for six years using newly unveiled trick

Philippines News News

Bad apps bypass Windows security alerts for six years using newly unveiled trick
Philippines Latest News,Philippines Headlines
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 56 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 26%
  • Publisher: 61%

Windows SmartScreen and Smart App Control both have weaknesses of which to be wary

Elastic Security Labs has lifted the lid on a slew of methods available to attackers who want to run malicious apps without triggering Windows' security warnings, including one in use for six years.

Among the techniques uncovered by Joe Desimone, tech lead at Elastic, was one he dubbed"LNK Stomping," a bug in the way Windows shortcut files are handled that nullifies Windows'SmartScreen only scans files that are tagged with MotW and SAC is set up to block certain file types if they're marked, so any method that can circumvent MotW will naturally be a boon to malware miscreants.

This"trivial" technique involves crafting LNK files with non-standard target paths or internal structures. This forces Windows Explorer to correct these small errors before launching the malicious app, but in the process of correcting these errors, MotW is removed, which means SmartScreen and SAC don't flag it as malicious.

In the meantime, security pros are advised to adjust their detection engineering in line with the coverage gaps that are on display bySmartScreen and SAC are both reputation-based protections, and the historically tried and tested, yet difficult to execute, method of bypassing these was to sign a malicious app with a code-signing certificate.

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

TheRegister /  🏆 67. in UK

Philippines Latest News, Philippines Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Microsoft Notepad: Windows 11 users to get spellcheck and autocorrect on Notepad 41 years after launchMicrosoft Notepad: Windows 11 users to get spellcheck and autocorrect on Notepad 41 years after launchQuite the wait for Microsoft to add this update 😅
Read more »

Boy, 8, killed in Birkenstead fire while survivors leapt from windowsBoy, 8, killed in Birkenstead fire while survivors leapt from windowsThe boy was pulled out of the ground-floor blaze but could not be saved.
Read more »

Sneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secretsSneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secretsMalware logs users' keystrokes, pilfers credentials, exfiltrates data
Read more »

as it happened: Hotels attacked, car windows smashed and police injuredas it happened: Hotels attacked, car windows smashed and police injuredRiots, involving far-right and anti-immigrant groups, continued on Sunday six days on from the Southport stabbings, which led to a wave of online misinformation.
Read more »

UK riots as they happened: Hotels attacked, car windows smashed and police injuredUK riots as they happened: Hotels attacked, car windows smashed and police injuredRiots, involving far-right and anti-immigrant groups, continued on Sunday six days on from the Southport stabbings, which led to a wave of online misinformation.
Read more »

Rotherham: Police attacked and windows broken at hotel protestRotherham: Police attacked and windows broken at hotel protestBottles and bits of wood have been thrown at officers outside a Holiday Inn Express in Rotherham.
Read more »



Render Time: 2025-08-29 09:32:32