This short video shows how to use the Right To Left Override (RTL) hack to make a file extension seem like something else, using nothing more than the Windows Character Map.  Right To Left Override is a very dangerous feature that is being widely used by creators of malware and to my knowledge, there is no filtering or GPO or software to stop it.

I have worked with Microsoft Partner Support and after a few false starts, we completely gave up.  This is a big problem that security companies need to figure out how to block soon.

 


0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *