Project Zero: Injecting Code into Windows Protected Processes using COM

Discussion in 'other security issues & news' started by WildByDesign, Oct 16, 2018.

  1. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    Project Zero: Injecting Code into Windows Protected Processes using COM - Part 1
    By James Forshaw of Google's Project Zero
    Link: https://googleprojectzero.blogspot.com/2018/10/injecting-code-into-windows-protected.html

  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Haven't read it yet, but there are way too many ways to inject code, Windows needs to be rewritten. :gack:
     
  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I've been saying the same for a long time. We just have to play with the cards (code) that Microsoft Windows dealt us and will deal going forward in spite of the tons of new intrusion entry finds that will continue to crop up. That's why I always consider their systems and code a basic framework from the start, and it still is and will be in its current code structures.

    Thanks @WildByDesign for this article. COM was popular for tapping into Windows 98 back when, so I suspect many who even do security probes can also always reach back and find that much of what was, can still be used again in these updated newer versions with more clever modifications to reach goals or expose weaknesses today.

    You just gotta luv how those Recon researchers continue to intelligently dissect Windows workings and in turn their findings can prove very constructive to developing methods to pin back or prevent those potential issues in the future. :)
     
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    PPL is a joke and bypassing it is well known.
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    I wouldn't call it a joke, I think it's an interesting feature. I wish more security tools would make use of it. For example, MemProtect will let you protect certain processes against code injection. But I'm not sure if you can make exceptions, for example what if you want to protect your browser with HMPA or Sandboxie, they both need to inject code.

    https://excubits.com/content/en/products_memprotect.html
     
  6. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada