A newly identified Windows 10 security flaw lets hackers install malicious apps on any machine without business owners becoming aware that anything out of the ordinary is happening. The issue lets anyone familiar with Windows security bypass its defenses without leaving any trace on the machine.
Discovered accidentally, the issue is significant, and Microsoft has yet to issue a patch.
Found by Casey Smith, the Windows vulnerability isn’t limited to Windows 10 machines. Malicious hackers could take advantage of the security flaw on enterprise versions of Windows dating back to Windows 7.
The issue concerns a program called Regsvr32 (and Regsvr64 for 64-bit machines), which lets anyone execute code on a Windows computer from remote network locations. The flaw doesn’t trigger the AppLocker security software, which is supposed to only let users run apps from trusted sources, and it doesn’t leave any traces in the registry, as it doesn’t need administrator access.
In other words, pretty much anyone could use it to install and run any application on an unsuspecting employee’s Windows machine. Microsoft has not yet provided a fix for the issue, but users can disable the Regsvr program using Windows Firewall.
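The firewall mitigation mentioned above, sketched as an added example (not code from the original article, from Smith, or from Microsoft). It assumes the standard locations of regsvr32.exe under System32 and SysWOW64; the rule names are made up for this example.

```powershell
#Requires -RunAsAdministrator
# Added example: deny regsvr32.exe network access with Windows Firewall.
# Assumptions: standard binary locations; rule names invented for this example.

$targets = @(
    (Join-Path $env:SystemRoot 'System32\regsvr32.exe'),  # native binary
    (Join-Path $env:SystemRoot 'SysWOW64\regsvr32.exe')   # 32-bit copy on 64-bit Windows
) | Where-Object { Test-Path -LiteralPath $_ }            # skip paths absent on this host

foreach ($path in $targets) {
    # "System32" or "SysWOW64", used to keep rule names unique and readable
    $folder = Split-Path (Split-Path $path -Parent) -Leaf

    foreach ($direction in 'Outbound', 'Inbound') {
        $name = "Block regsvr32 $direction $folder"

        # Idempotent: do not create a duplicate if the script is run again
        if (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue) {
            Write-Host "Rule already present: $name"
            continue
        }

        New-NetFirewallRule -DisplayName $name `
            -Description 'Stops regsvr32.exe from reaching remote network locations' `
            -Program $path -Direction $direction -Action Block `
            -Profile Any -Enabled True | Out-Null
        Write-Host "Created rule: $name"
    }
}

# Verify: list each rule with the program it is bound to
Get-NetFirewallRule -DisplayName 'Block regsvr32*' | ForEach-Object {
    $app = $_ | Get-NetFirewallApplicationFilter
    [pscustomobject]@{
        Rule      = $_.DisplayName
        Program   = $app.Program
        Direction = $_.Direction
        Action    = $_.Action
        Enabled   = $_.Enabled
    }
} | Format-Table -AutoSize
```

The `NetSecurity` cmdlets used here ship with Windows 8 / Server 2012 and later; on Windows 7 the same rules have to be created with `netsh advfirewall` or through Group Policy.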
More details on Smith’s findings are available at the source links, including proof-of-concept scripts that demonstrate the security issue.