Jump to content

System Service Descriptor Table

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Rhymoid (talk | contribs) at 08:49, 9 October 2017 (removed huge listing of API names (see WP:RAWDATA), added stub template). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The System Service Descriptor Table (SSDT) is an internal dispatch table within Microsoft Windows.

Hooking SSDT calls is often used as a technique in both Windows rootkits and antivirus software.[1][2]

In 2010, many computer security products which relied on hooking SSDT calls were shown to be vulnerable to exploits using race conditions to attack the products' security checks.[2]

References

  1. ^ "Windows rootkits of 2005, part one". Symantec. 2005.
  2. ^ a b "Attack defeats 'most' antivirus software". ZD Net UK. 2010.
Stub icon

This Microsoft Windows article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=System_Service_Descriptor_Table&oldid=804482480"