A bug in the Microsoft Windows kernel opens the door for malware bypassing security solutions. According to EnSilo researchers, the vulnerability is present in all versions of the OS, from Windows 2000 to Windows 10.

"Vulnerability is a software error in the Windows kernel, because of which security vendors can not determine which modules were downloaded during the program run," said EnSilo expert Omri Misgav,.

The researchers found an error in the PsSetLoadImageNotifyRoutine mechanism used by some security solutions to determine when the kernel or user space was loaded with code.

With the help of the vulnerability, an attacker can force PsSetLoadImageNotifyRoutine to return an invalid module name and thereby issue malware for a legitimate.

Experts have notified Microsoft about their discovery at the beginning of this year, but the company did not consider it a problem. Judging by some publications on the Internet, some time has already been known about the error. Nevertheless, the reasons for its occurrence and consequences have never been described in detail before.