Microsoft - Security conscious as always
Trust us with your security - we know what we are doing
Elastic Security Labs has lifted the lid on a slew of methods available to attackers who want to run malicious apps without triggering Windows' security warnings, including one in use for six years. The research focused on ways to bypass Windows SmartScreen and Smart App Control (SAC), the go-to built-in protections against …
“Windows Explorer then recognizes the error in the target path and searches for the real executable, corrects the target path, and updates the file which in turn removes MotW.”
We can expect a whole new generation of vulnerabilities when Copilot gets in on the act.
[Aside: This looks like a problem that translating/rewriting into Rust isn’t going to fix…]
Arthur: I am Arthur, king of the Britons. Step aside, brave knight, we must pass this bridge.
Black Knight: None shall pass.
Arthur: I am Arthur, king of the Britons. I have no quarrel with you sir knight but I must pass.
Black Knight: Then you shall die.
Arthur: I am ./Arthur, king of the Britons.
Black Knight: Go on then.
Of the places that have that annoying Defender feature that wants to stop me from running exe files. Open cmd.exe as admin and launch the filename.exe from there. No stupid popup. Yes, I am a desktop admin, yet cannot reinstall apps or update drivers, so am forced to use workarounds.