A security researcher has discovered a new code injection technique that works on all recent Windows versions and allows miscreants to inject malicious code into other applications undetected. PROPagate code injection attacks work on both 32-bit and 64-bit processes, with little modifications. The technique is an evasion technique to hide malicious code, not an RCE or EoP and didn’t consider it worth reporting to Microsoft because it’s not a security flaw, the researcher said. Other possible avenues for future research include Microsoft Foundation Class Library (MFC) and Delphi applications.
Source: https://www.bleepingcomputer.com/news/security/researcher-details-new-windows-code-injection-technique-named-propagate/