"New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections"
"New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections"
According to researchers at Security Joes, there is a new variant of the Dynamic Link Library (DLL) search order hijacking technique that threat actors could use to evade security mechanisms and execute malicious code on Microsoft Windows 10 and Windows 11 systems. The approach involves executables commonly found in the trusted WinSxS folder and exploits them using the classic DLL search order hijacking technique. Through this method, malicious actors can avoid the need for elevated privileges when trying to run malicious code on a compromised machine.