The issue, spotted this week by enSilo security researcher Omri Misgav, lies within the system called PsSetLoadImageNotifyRoutine.
A kernel bug that impacts Windows versions released over the past decade and a half remains unpatched, enSilo security researchers claim.
Researchers say that a bug in the Windows kernel could allow hackers to perform malicious actions by tricking security products blindly relying on a Windows API.
enSilo discovers how malware developers can abuse a programming error in the Windows kernel to prevent security software from identifying if, and when, malicious modules have been loaded at runtime.
Asked for comment, a Microsoft spokesperson offered the following statement: “Our engineers reviewed the information and determined this does not pose a security threat and we do not plan to address it with a security update.”
The flaw, according to security firm EnSilo, has been present on previous versions of Windows dating back to Windows 2000 and can be found on Windows 10 as well.
During research into the Windows kernel, we came across an interesting issue with PsSetLoadImageNotifyRoutine which as its name implies, notifies of module loading.
Researchers found a Microsoft kernel flaw in the PsSetLoadImageNotifyRoutine in all operating systems from Windows 2000 to the most recent version of Windows 10, which could allow attackers to bypass antivirus systems and load malware.
The company added enhanced capabilities around threat hunting, communicating applications, reputation scoring, and improved visibility around system events in its new System Events Viewer. The company said the latest update adds to its next-generation antivirus and EDR capabilities with new features to protect against advanced malware threats using automation.
As the number of security threats grow, so too does the number of startups with innovative security technologies to help IT operations protect against those threats. As part of CRN’s 2017 Emerging Vendors list, enSilo is one of the hot security startups founded after 2011.
2017 Chief Information Officer Leadership Forum
Atlanta, GA – December 12 —Argyle Executive Forum is bringing together senior IT executives from a range of industry verticals for their annual Atlanta event. Throughout a full day of content and networking, we will focus on the most pressing issues that IT executives are tackling as the role that technology plays within the organization continues to evolve.
Los Angeles Cyber Security Summit
Los Angeles, California – November 29 — The annual Los Angeles Cyber Security Summit connects C-Suite and Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts.
2017 Information Technology & Security Forum
Boston, MA – December 7 — Bringing together leading IT and InfoSec executives for our 2017 Information Technology & Security Forum in Boston. Throughout a full day of content and networking, we will focus on the most pressing issues that InfoSec professionals will face going into 2018.
Ensilo: Recognized by the Best
See what they’re saying...
enSilo Wins 2017 Red Herring Award
For the second year in a row, enSilo has been recognized with the Red Herring Top 100 award. The 100 winning companies, selected from thousands of prospective startups and tech firms, represent the cutting edge of North America’s world-class technology industry–and demonstrate the region’s continued reputation for digital excellence. The award has been given out every year since 1996 by the innovation magazine and news service Red Herring.
enSilo’s CEO Roy Katmor has been honored as one of the Top Rated CEOs in San Francisco
The launch of Owler Inaugural Top Rated CEO Awards provides a true market view of the best-loved leaders across 50 cities and 25 industries worldwide. They looked at 167,000 CEOs on Owler to identify the top 1,000. As one of the awardees, enSilo’s CEO is among the top 0.60 percent of executives on Owler, putting enSilo at the pinnacle of business leadership.
enSilo Wins 2016 Ciconnect Most Innovative Company
CiCConnect event held by CICC – California Israel Chamber of Commerce selects each year the most innovative Cyber Security company. The honorable panel of 5 judges from leading VC companies and key Silicon Valley security experts unanimously voted enSilo as the CICC Most Innovative Company in 2016. The event took place at Microsoft’s Silicon Valley campus at Mountain View.
enSilo Awarded A Top 10 Security Solution Provider- 2016
Published from Fremont, California, Banking CIO Outlook is a print magazine that features CIOs, ITVPs, CTOs and other decision makers’ opinions and suggestions that helps clients to address the issues in the banking industry. A panel of experts, and professionals including board members of Banking CIO Outlook magazine finalized the list of “Top 10 Security Solution Providers 2016” and short listed the best consultants and vendors.
enSilo Named Cool Vendor In Digital Workplace Security, 2016
Each year, Gartner recognizes vendors across different fields as offering a new technology or approach to better solve existing problems; and others that offered innovative solutions to solve new problems. These vendors are not selected as Cool Vendors simply because they have interesting technology, but also because of the growth and success of their company in using technology differently to solve customer problems resulting in tremendous traction.
enSilo Featured By Forst & Sullivan As Movers And Shakers
Frost & Sullivan is proud to showcase Movers & Shakers interviews, highlighting dynamic companies and leaders in the corporate world. These organizations and individuals are recognized for achieving milestones such as launching a breakthrough technology, executing a key strategic acquisition, or implementing a revolutionary vision for the future of their industries.
enSilo Wins 2016 Red Herring Award
Every year since 1996, the innovation magazine and news service Red Herring selects the 100 most promising tech and life sciences companies, with separate contests for the United States, Europe and Asia. Red Herring editors were among the first to tip the world to the importance of companies such as Facebook, Twitter, Google, Yahoo, Skype, Salesforce.com, YouTube, Palo Alto Networks and eBay.
enSilo Has Been Named A Winner Of Owler 2016 Hot In San Francisco Award
Each year, Owler recognizes the top trending companies in cities around the world. They sifted through over 15 million companies on their platform to find the most award-worthy businesses, and wound up with 4,500 winners across the 600 most popular cities on Owler. Recipients are chosen based on several different metrics, including number of followers on Owler, insights collected from their community, social media followers, and blog posts over the past year.