Microsoft Windows is no longer secure: A new bug can enable hackers to install Rootkit in your device

Sep 25, 2021 | Shaoni Ghosh

Microsoft Windows is no longer secure: A new bug can enable hackers to install Rootkit in your device title banner

The Findings

 

Researchers discovered an unfixed vulnerability in Microsoft's Windows Platform Binary Table (WPBT), which impacts all Windows-based devices since Windows 8, and may be used to install a rootkit and compromise device integrity.

 

Every OS is vulnerable to attacks that install fake vendor-specific tables due to loopholes in Windows. Because of the widespread use of ACPI and WPBT, these motherboard-level vulnerabilities may render projects like Secured-core obsolete.Experts claim that attackers with physical access or remote access can misuse these tables.

 

WPBT is a feature that was first introduced in Windows 8 in 2012 and allows boot firmware to supply Windows with a platform binary that the OS may process.

 

PC makers can use UEFI to point to certified portable executables or other vendor-specific drivers that are included in the UEFI firmware ROM image and can be loaded into physical memory during Windows boot-up. To put it another way, it enables users to pre-load any OS code before running it on a device.

 

WPBT is built to keep important functions like anti-theft software running even if the operating system is changed, formatted, or reinstalled.

 

(Recommended Blog: Security Analytics)

 

Misuse of the technology, according to Microsoft, might pose a security risk. It also allows the installation of rootkits on computers.

 

(Must Check: 7 Best Data Security Practices)

 

WPBT-based solutions must be as safe as feasible, with no vulnerable circumstances for Windows users. Microsoft warns that the Malware (malicious software or undesirable software) must not be deployed without the agreement of the user in WPBT solutions.

 

(Related Reading: Malware- one of the types of Cyber Threats)

 

According to TheHackerNews, the WPBT method can accept a signed binary with a revoked or expired certificate to entirely circumvent the integrity check, allowing an attacker to sign a malicious binary with an already accessible expired certificate and run arbitrary code with kernel privileges when the device starts up.

 

Microsoft has advised applying a Windows Defender Application Limit (WDAC) policy to strictly control what binaries can be allowed to execute on devices in response to the results.Researchers have discovered a second set of flaws in the boot process of devices that may be exploited to achieve remote execution. 

 

The current revelation comes after a different series of findings in June 2021 involving a group of four vulnerabilities known as BIOS Disconnects.

Tags #Technology
Advertisement

richardwahl511ebc15db66e0c42f2

Feb 15, 2025

After I won the lottery and then people kept on asking me how did i do it, well yea there is a little secrete you all never knew about, I was able to win the 2,000,000.00$ lottery with the help of Dr. PRINCE lottery winning spell, he gave me number to play and instructed me when to play the lottery and i did as he instructed, my dear friends getting rich is never by luck it's something we all have to work for, people have been playing same lottery for years now and have never won, we need to be on the right track to get what we want, I’m saying this here because i want the best for everyone, you can't win the lottery just like that you need to know exactly what to do, what to play and when to play this is a truth that no one will ever tell you, if you want to win or know what i am talking about just reach out to Dr. PRINCE here: lovetemplesolution@priest.com or WhatsApp via: +254795696876 Email: lovetemplesolution@priest.com WhatsApp: +254795696876

bosch98800a6958f6d97ac4a64

Feb 24, 2025

Can Seed Phrase to My Crypto Wallet Be Retrieved? That was the question that went through my mind for weeks after I lost my seed phrase, and not until I attempted to research it that I found out about Morphohack Cyber Service, a crypto recovery company that has been able to help others like me recover their seed phrase which was lost, access to crypto wallet and recover crypto funds from con men. I’m hugely grateful for the services of Morphohack Cyber Service in helping me retrieve my seed phrase and access to my crypto wallet, I was depressed for weeks without any luck of ever getting my seed phrase back until I came across Morphohack Cyber Service, their professional team was very helpful, supportive and carried me along with the process of retrieving my seed phrases. I can confidently give you a 100% guarantee that you can trust them to recover any amount of crypto funds, data, and private information. These guys were a genius and that is just the word I can find right now to explain how amazing their service was. You can contact Morphohack If you are ever in need of a service of a professional crypto recovery team, their contact information below (MORPHOHACK@CYBERSERVICES . COM) WhatsApp(+1 213 672-4092)

katemillerworld670c918e86fd38c44e9

Feb 26, 2025

Crypto Currency’s has been the general direction of the economic development which individuals like to save up with instead of banks. I lost my bitcoin to fake blockchain impostors on Facebook when they contacted me as blockchain official support and I fell for their mischievous act. Whatever information I gave them, made them gain access into my blockchain wallet and made away with my $955,000. I lost it and almost commited suicide because this were all my savings waiting for bitcoin rate to improve. I wrote directly to the specialist whom I was referred to by my sister-in-law swift1@cyberservices.com explaining my loss. He helped me recover my crypto in just after 72hours and he as well helped me launch the recovery program all thanks to his expertise. I believe that someone out there will need his great services that is why I am referring him to someone. Reach out to Century Hackers to recover you lost funds from any form online. You can also email them via swift1@cyberservices.com or WhatsApp +1 845 224 5771

thomascuesta0336fdd3fd066745ab

Jul 22, 2025

My name Thomas Cuesta I'm wealthy today because of Dr Benjamin the spell caster who I came in contact with on the internet after I saw series of exploit on how he had helped so many people wins the lottery jackpot, so I contacted him via his email, I told him that I have been playing the lottery for the longest of time now I haven't been lucky enough to strike the jackpot, He gave me the assurance that he's going to help me win and he instructed me on what to do which I did diligently after few hours he gave me the lottery winning numbers and he instructed me to play, I did play as instructed after the draw was out I won the mega million jackpot of $340,000,000,00. Dr Benjamin I can't thank you enough for changing my life. To as many of you who desire to win, below is his contact information. Email:drbenjaminlottospell711@gmail.com WhatsApp: +18588585788 Call +1766036031 website https://dr-benjamin.com

thomascuesta0336fdd3fd066745ab

Jul 22, 2025

My name Thomas Cuesta I'm wealthy today because of Dr Benjamin the spell caster who I came in contact with on the internet after I saw series of exploit on how he had helped so many people wins the lottery jackpot, so I contacted him via his email, I told him that I have been playing the lottery for the longest of time now I haven't been lucky enough to strike the jackpot, He gave me the assurance that he's going to help me win and he instructed me on what to do which I did diligently after few hours he gave me the lottery winning numbers and he instructed me to play, I did play as instructed after the draw was out I won the mega million jackpot of $340,000,000,00. Dr Benjamin I can't thank you enough for changing my life. To as many of you who desire to win, below is his contact information. Email:drbenjaminlottospell711@gmail.com WhatsApp: +18588585788 Call +1766036031 website https://dr-benjamin.com

thomascuesta0336fdd3fd066745ab

Jul 22, 2025

My name Thomas Cuesta I'm wealthy today because of Dr Benjamin the spell caster who I came in contact with on the internet after I saw series of exploit on how he had helped so many people wins the lottery jackpot, so I contacted him via his email, I told him that I have been playing the lottery for the longest of time now I haven't been lucky enough to strike the jackpot, He gave me the assurance that he's going to help me win and he instructed me on what to do which I did diligently after few hours he gave me the lottery winning numbers and he instructed me to play, I did play as instructed after the draw was out I won the mega million jackpot of $340,000,000,00. Dr Benjamin I can't thank you enough for changing my life. To as many of you who desire to win, below is his contact information. Email:drbenjaminlottospell711@gmail.com WhatsApp: +18588585788 Call +1766036031 website https://dr-benjamin.com

thomascuesta0336fdd3fd066745ab

Jul 22, 2025

My name Thomas Cuesta I'm wealthy today because of Dr Benjamin the spell caster who I came in contact with on the internet after I saw series of exploit on how he had helped so many people wins the lottery jackpot, so I contacted him via his email, I told him that I have been playing the lottery for the longest of time now I haven't been lucky enough to strike the jackpot, He gave me the assurance that he's going to help me win and he instructed me on what to do which I did diligently after few hours he gave me the lottery winning numbers and he instructed me to play, I did play as instructed after the draw was out I won the mega million jackpot of $340,000,000,00. Dr Benjamin I can't thank you enough for changing my life. To as many of you who desire to win, below is his contact information. Email:drbenjaminlottospell711@gmail.com WhatsApp: +18588585788 Call +1766036031 website https://dr-benjamin.com

barrysilbert33180df6b4bf31f4290

Jul 22, 2025

When people hear about crypto scams, their typical reaction is disbelief, as if it only happens to careless or reckless individuals. Before I share my experience, if you’re in need of a reliable crypto asset and fund recovery service, their contact information is listed below. E-Mail: Morphohack@cyberservices .com My family fell victim to a crypto investment scam that wiped out nearly everything we had worked so hard to build. We lost $407,000 worth of USDT and Bitcoin earlier this year, funds that represented years of savings, hard work, and dreams for the future. It all began with what appeared to be a legitimate investment opportunity. We were contacted, or more accurately, targeted by individuals claiming to represent a well-established crypto trading platform. They were smooth, articulate, and came armed with all the hallmarks of a trustworthy financial institution. This led us to believe they were legitimate, and we began investing with them. Unfortunately, we soon discovered they were fraudsters. By the time we realized the truth, our investment had vanished. All communication ceased, and there was no way to reach them. The story didn’t end there. While the emotional toll was immense, we were desperate for answers and reached out to everyone we knew who might be able to help. A family friend introduced us to a group called Morphohack, a team specializing in digital asset and cryptocurrency recovery. Their contact information is provided above. Morphohack was professional, knowledgeable, and incredibly helpful throughout the entire process. After conducting their investigation, they successfully recovered our funds within a few days. Thanks to their meticulous documentation and coordination with the relevant authorities, we were able to reclaim the full $407,000. Morphohack accomplished what we thought was impossible, and we are deeply grateful for their outstanding work and support

delacruzmayra718c3004cecba82466a

Aug 11, 2025

How I Lost $135,000 in Crypto—and Recovered It I never imagined I’d lose $135,000 in USDT with one small mistake. But that’s exactly what happened when I accidentally sent the funds to the wrong wallet address—one with no history, no identity, and no way to reach. The moment I realized it, I felt sick. I refreshed the transaction over and over, hoping it was a mistake. It wasn’t. The money was gone, and every crypto user knows the rule that blockchain transactions can’t be reversed. I fell into despair. It felt like the end of everything I had worked for. And then, I was introduced to a cybersecurity firm called SPYHOST. Skeptical but desperate, I reached out. What followed blew me away. Their team was professional, calm, and impressively equipped. They didn’t promise miracles, but they took action. Using advanced tools and forensic techniques, they tracked the funds, traced the wallet activity, and within 48 hours, my crypto was fully recovered. I never thought recovery in crypto was possible until it happened to me. SPYHOST didn’t just bring back my funds; they gave me peace, clarity, and a second chance. If you ever find yourself in a similar situation, they can be contacted via: Email: [Spyhost@cyberdude.com] WhatsApp: +1 (228) 313-3152

veronicafabio925e53eac7681a44483

Aug 12, 2025

ALL THANKS TO TROJANHACK CYBER SECURITY COMPANY. I'm veronica 54 years old from Venice, Italy. I was finally able to recover my lost USDT and some BITCOIN I sent to a Fake Forex Guru I met on Facebook some months ago. As a financial market enthusiast. I was thrilled at the results ( profits) they do post on their Facebook page every day. I decided to give it a try and I sent them a private Message which took them less than 24 hours to reply. After the discussion I had with them and more results of investors shown to me, I was convinced they are genuine and I decided to invest the sum of 40,200 USDT for a start.. i signed the agreement and all necessary document with MOU ( memorandum of understanding). After the first 3 months I got returns on investment as agreed. Then I decided to add more funds to my portfolio with them with the sum of 12,000 USDT in BTC conversation. After another cycle to get my returns on investment, they came up with stories, demanding I needed pay certain amount of money before I can make withdrawals of which was not the case on initial withdrawals and wasn't also on the agreement. I was so confused, dumbfounded. after several attempts to get back my funds and to which i couldn't. i decided to open up to a colleague about the incident and he made me to further realised i've been swindled. On trying to look for a means to get my funds recovered if it's ever possible. I was lucky to trip over TROJANHACK CYBER SECURITY COMPANY's testimonies by a blog post online and i contacted them. After reaching out to TROJANHACK with effective communication, providing necessary information. They were able to recovered my lost USDT AND BITCOIN within a week. I'm forever grateful to them for bringing restfulness back to my life and finance. They are special and I highly recommend them for anyone battling with such situation. You can reach out to them via their email: Trojanhack@qualityservice.com