A critical flaw in Windows 10 anti-malware scan interface has been discussed. It allows bypass malware code when a null character is read. The February Windows 10 security patch fixes the exploit and should be installed immediately.

Windows 10’s anti-malware scan interface, also known as AMSI, is bypassing files whenever it detects a null character and leaving malicious code included.

The flaw was detected by security researcher Satoshi Tanda, that revealed it in a February 16 blog post. Microsoft patched the flaw in its February security update, which is why Tanda published his piece breaking down all the details of this serious security flaw.

It isn’t known if this Windows 10 AMSI exploit has been used by actual attackers, but with it now being publicly known it’s sure to be attempted. With a patch already available for the problem, anyone who falls prey to it will be in the same boat as victims of other high-profile cyberattacks; that is, guilty of not installing essential Windows 10 security updates.

This flaw was patched in the last round of security updates. However, that doesn’t mean attackers won’t try to exploit it. WannaCry, Petya, and other widespread cyber attacks from 2017 relied on unpatched systems to propagate. This is, in fact, a big problem for all security matters.



Be safe: Install the February Windows 10 security updates ASAP.


2 Replies to “Windows 10 null character flaw keeps malware hidden

Deixe um comentário

O seu endereço de email não será publicado. Campos obrigatórios marcados com *