Vulnerability Allows Cybercriminals to Evade Malware Detection

As a result of a Path Traversal bug in the .NET Core library of Microsoft, attackers could now implement malicious code on to a system without being detected by antivirus and end-point detection software. Paul Laîné of Context Information Security was the first to find this vulnerability and claims that this is made possible because of two main reasons. Firstly, .NET Core allows one to use a custom DLL as its garbage collector. Secondly, the environment variable “COMPlus_GCName” is not sanitised and enables traversal characters from the garbage collector to go unfiltered.

Source: Bleeping Computer