Researchers at enSilo have uncovered a new code injection technique called AtomBombing, which was found to be effective against all versions of Windows. AtomBombing exploits atom tables, which the operating system provides to allow applications to store and access data.
enSilo’s Tal Liberman explained, “What we found is that a threat actor can write malicious code into an atom table and force a legitimate program to retrieve the malicious code from the table. We also found that the legitimate program, now containing the malicious code, can be manipulated to execute that code.” Depending on the process into which it is injected, the malicious code could allow attackers to take screenshots, access encrypted passwords, or perform Man in the Browser (MitB) attacks, Help Net Security noted.
There is no way to fix this issue, as it is not a vulnerability, but security solutions can start monitoring API calls for malicious activity.