While previous suggestions we provided were meant for developers, the current vulnerabilities cannot be closed/prevented directly as Microsoft is responsible to close the vulnerability, which could take a while, if at all. Thank you, and we look forward to more submissions from you in the future! Also, check out the Microsoft Bounty Program for your future research: Please continue your vulnerability research and help us protect our customers. Our product group will address the issue as needed. However, this case does not meet the bar for servicing by MSRC and we will be closing this case. Our engineers have investigated the report and we have informed the appropriate team about the issues you reported.
#What does windows sysinternals suite do keygen
Thank you again for your submission to MSRC.
Microsoft provided the following response after a month: Of course cryptbase.dll is just an example and it is not the only one as many imported DLL in SysInternals can be weaponized and since SysInternals tools are signed by Microsoft, these attacks can easily bypass existing security tools and go undetected. The team used Dependency Walker (also by Microsoft) to find all the DLLs imported to the SysInternals suite and then tested some of the more common apps, here are some examples: The Deceptive Bytes team decided to check if it just occurs specifically with Process Explorer or if it’s widespread and there are other tools in the SysInternals suite that are susceptible as well.