Microsoft’s AppLocker Backdoor Blunder: A Comedy of Errors in Cybersecurity

Microsoft planted a backdoor in AppLocker, allowing execution of DLLs like domain_actions.dll, bypassing security policies. To prevent this unwelcome guest, administrators should add explicit deny rules to their AppLocker configuration. Stay tuned and keep your distance from untrustworthy software!

Hot Take:

In a masterclass of unintentional irony, Microsoft seems to have given hackers a free pass with their latest “security enhancement.” Who knew a backdoor would be the hottest new feature of Windows 11? Move over, Clippy, there’s a new uninvited guest in town!

Key Points:

  • Microsoft has included two DLLs, domain_actions.dll and well_known_domains.dll, in its Edge browser and WebView component.
  • The DLLs are placed in user-writable locations, making them vulnerable to tampering.
  • This move inadvertently bypasses security measures like AppLocker, which typically blocks such executions.
  • The issue was identified in Microsoft’s release notes for Edge versions 135.0.3179.11 and 135.0.3179.54.
  • Security experts recommend adding explicit deny rules in AppLocker to prevent exploitation.
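
One way to write the explicit deny rules recommended above, as an added example that is not code from the article or from Microsoft. The article does not list the DLLs' paths, so the `-DllPath` parameter, the output file name and the rule names are assumptions supplied by whoever runs it.

```powershell
# Added example, not from the article: builds an AppLocker policy fragment with
# explicit Deny rules in the DLL rule collection for the two DLLs the article names.
param(
    # Assumption: the caller supplies the user-writable path pattern(s) for this
    # environment; the article does not list them. AppLocker path rules accept '*'.
    [Parameter(Mandatory)] [string[]] $DllPath,
    [string] $OutFile = (Join-Path $PWD 'deny-edge-dlls.xml'),   # hypothetical file name
    [switch] $Apply    # merge into the local policy; omit to only write the file
)

$names = 'domain_actions.dll', 'well_known_domains.dll'   # file names from the article

$rules = foreach ($p in $DllPath) {
    $leaf = ($p -split '\\')[-1]
    if ($names -notcontains $leaf) {
        Write-Warning "Skipping '$p': file name is not one of $($names -join ', ')"
        continue
    }
    $safe = [System.Security.SecurityElement]::Escape($p)   # XML-escape the path
    @"
    <FilePathRule Id="$([guid]::NewGuid())" Name="Deny $leaf" Description="Explicit deny (added example)" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions><FilePathCondition Path="$safe" /></Conditions>
    </FilePathRule>
"@
}
if (-not $rules) { throw 'No valid paths supplied.' }

# S-1-1-0 is Everyone. With -Merge, the target policy's enforcement setting is kept.
$policy = @"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Dll" EnforcementMode="NotConfigured">
$($rules -join "`n")
  </RuleCollection>
</AppLockerPolicy>
"@

[void][xml]$policy    # throws if the generated XML is malformed
Set-Content -Path $OutFile -Value $policy -Encoding UTF8

if ($Apply) {
    Set-AppLockerPolicy -XmlPolicy $OutFile -Merge
    # Read the local policy back and list the Deny rules now in the DLL collection.
    ([xml](Get-AppLockerPolicy -Local -Xml)).AppLockerPolicy.RuleCollection |
        Where-Object Type -eq 'Dll' | ForEach-Object { $_.FilePathRule } |
        Where-Object Action -eq 'Deny' | Select-Object Name, Action
}
```

The deny rules only take effect where the DLL rule collection is enforced, and in AppLocker a deny rule takes precedence over any allow rule matching the same file.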

The Nimble Nerd