Author Topic: Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes  (Read 529 times)

0 Members and 1 Guest are viewing this topic.

Offline Antus67

  • Full Member
  • ***
  • Posts: 94
    • View Profile
 Author: Tara Seals
March 12, 2019

A previously unknown bug in Microsoft Windows would allow an attacker to spoof Windows dialog boxes that surface when making changes to the Windows registry. This would allow an adversary to plant malware or make other nefarious changes in the registry while getting around Windows’ built-in defenses, according to a researcher.

Normally when there is a change to the registry using a .reg file, a registry security warning dialog box will open, with an “are you sure you want to continue?” message and the option to click either “Yes” or “No.” According to white-hat researcher John Page (a.k.a. hyp3rlinx), it’s possible to edit what the dialog box says, to trick users into clicking “Yes.” For instance, an edited security prompt can tell them to click “Yes” to abort if they do not trust the source of the file. In reality, “Yes” clears the process to continue.

Full Article Here: