New Approah To DLL Search Order Hijacking Allows Bypassing Windows 10 and Windows 11 Protection Mechanisms

Security researchers have uncovered a novel variant of DLL search order hijacking, posing a threat to Microsoft Windows 10 and 11 systems. This technique exploits executables within the trusted WinSxS folder, allowing threat actors to execute malicious code without elevated privileges and introducing potentially vulnerable binaries into the attack chain. By manipulating the search order for DLLs, adversaries can compromise machines for defense evasion, persistence, and privilege escalation, targeting applications that lack specified library paths. Read more...