Windows Flaw May Let Hackers Hide Code From AV Scanners - Yahoo! News
Windows Flaw May Let Hackers Hide Code From AV Scanners - Yahoo! News: "A flaw in how Windows handles entries in the all-important registry can be used by hackers to hide evidence of malicious code from a wide swath of commercial anti-virus and anti-spyware scanners, the SANS Internet Storm Center reported Friday. While the disclosure of the bug by Danish vulnerability tracker Secunia on Wednesday got little attention, Internet Storm Center (ISC) analysts believed it was far more dangerous than it looked.

'Once we started to play with [the vulnerability], the nastiness became apparent: An overly long registry entry can be added, but won't be shown by regedit and regedt32,' wrote ISC handler Daniel Wesemann on the group's alert site. 'Even better, all registry entries that get added afterward under the same key, even if not overly long, will be hidden as well.'"
- posted by Gp @ 7:30 AM