Posted on June 2, 2017 at 3:25 PM
Researchers at Cybellum, an Israeli zero-day prevention firm, have discovered a vulnerability in Windows that allows attackers to take complete control of the system. Named DoubleAgent, the vulnerability affects every version of Windows from Windows XP through Windows 10.
According to Cybellum, "DoubleAgent gives the attacker the ability to inject any DLL into any process. The code injection occurs extremely early during the victim's process boot, giving the attacker full control over the process and no way for the process to protect itself. The code injection technique is so unique that it is not detected or blocked by any antivirus."
Cybellum said in its report that because DoubleAgent exploits a 15-year-old legitimate feature of Windows, it cannot be patched. What makes things worse is that DoubleAgent keeps injecting code after a restart, so it survives reboots, updates, reinstalls, and patches. Cybellum said that once the attacker decides to inject a dynamic-link library (DLL) into a process, they are "forcefully bounded forever. Even if the victim would completely uninstall and reinstall its program, the attacker's DLL would still be injected every time the process executes."
Even antivirus programs can't prevent the attack, because DoubleAgent takes complete control of any antivirus program by "injecting code into it while bypassing all of its self-protection mechanisms. The attack has been verified and works on all major antiviruses including but not limited to: Avast, AVG, Bitdefender, Comodo, ESET, F-Secure, Kaspersky, Malwarebytes, McAfee, Norton, Panda, Quick Heal and Trend Micro," said Cybellum.
So what is the solution? For starters, you need a live Linux DVD. Then copy all of your files to an external hard drive if necessary. Then uninstall Windows and install a new Linux operating system. The problem will be solved. Please comment....