Skip to main content

AtomBombing Attack Could Be Huge Threat To Windows PCs

By November 12, 2016March 2nd, 2023Blog, Cybersecurity

atomxbombingResearchers at a cyber security company called EnSilo have found a new vulnerability in Windows PCs, and it’s about as bad as it could possibly get.

The new attack vector does not exploit a bug in the code, but rather, the design of the OS itself, which uses Atom Tables to store data that’s being used frequently and shared by multiple applications.

By injecting malicious code into these tables, a hacker can literally do anything.

Some of the examples given by the research team include changing the way browsers display information. So, if you’re making a banking transaction, the information appears legitimate on-screen, but behind the scenes, the hackers can change the information, routing your payment to their bank instead of your intended target, altering the amount information and the like.

In another example, the researchers outlined how it would be possible for the hackers to take screenshots of your desktop, activate peripheral devices and, of course, copy and/or delete files.

In other cases, if you’ve set your browser to save passwords information, since these reside in Atom Tables, the hackers would have access to them all in plain text format.

Because the exploit attacks the design of the OS itself, it is effective on all versions of Windows. It won’t matter if you’re running with the latest security patches or not, because in order to fix the problem, the core design of the OS will have to change.

So far, Microsoft has declined to comment on the findings, but you can be sure that they’ll be scrambling to fix this issue as quickly as possible. Unfortunately, that could be problematic, given that this isn’t a simple matter of closing a security loophole. This fix is going to require a complete rethink of the way Windows is put together, and a revamping of the way applications handle and share data across the platform.
Until that happens, every Windows PC in use today is at risk.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.