System Service Descriptor Table
The System Service Descriptor Table (SSDT) is an internal dispatch table within Microsoft Windows.
Hooking SSDT calls is often used as a technique in both Windows rootkits and antivirus software.[1][2]
In 2010, many computer security products which relied on hooking SSDT calls were shown to be vulnerable to exploits using race conditions to attack the products' security checks.[2]
References
- ↑ "Windows rootkits of 2005, part one". Symantec. 2005.
- 1 2 "Attack defeats 'most' antivirus software". ZD Net UK. 2010.
This article is issued from
Wikipedia.
The text is licensed under Creative Commons - Attribution - Sharealike.
Additional terms may apply for the media files.