System Service Descriptor Table
Appearance
The System Service Descriptor Table (SSDT) is an internal dispatch table within Microsoft Windows.
Hooking SSDT calls is often used as a technique in both Windows rootkits and antivirus software.[1][2]
In 2010, many computer security products which relied on hooking SSDT calls were shown to be vulnerable to exploits using race conditions to attack the products' security checks.[2]
References
- ^ "Windows rootkits of 2005, part one". Symantec. 2005.
- ^ a b "Attack defeats 'most' antivirus software". ZD Net UK. 2010.