AtomBombing - Injecting Code Using Windows’ Atoms

Explore a cutting-edge code injection technique called AtomBombing in this 27-minute conference talk from Security BSides San Francisco. Discover how this method exploits Windows atom tables and Async Procedure Calls (APC) to bypass common security solutions. Learn about the technique's impact on all Windows versions, including Windows 10 and Windows 7, and understand why it cannot be easily patched due to its reliance on core operating system mechanisms rather than flawed code. Gain insights into the challenges of detecting and preventing this infiltration method, which was undetectable by many security solutions at the time of its release in October 2016.

BSidesSF 2017 - AtomBombing: Injecting Code Using Windows’ Atoms (Tal Liberman)