One of the greatest strengths of the Windows operating system is backwards compatibility. Many classic programs from the DOS-age or early-Windows days are still running fine on modern versions of Windows.
Along with the strength comes a weakness, as exploits may target these legacy systems.
Researchers at
Duo Security discovered an issue in Microsoft's Enhanced Mitigation Experience Toolkit (EMET) that allows them to bypass the protection it adds to the system by using the
WoW64 compatibility layer provided by 64-bit versions of Windows.
WoW, or Windows on Windows, enables 32-bit applications to run on 64-bit machines. While most Windows systems these days are 64-bit machines, many of the programs run on these machines are not.
WoW64 is part of all 64-bit versions of Windows including Windows 7, Windows 8.1 and Windows 10 as well as all server editions of the operating system.
The WoW64 subsystem comprises a lightweight compatibility layer that has similar interfaces on all 64-bit versions of Windows. It aims to create a 32-bit environment that provides the interfaces required to run unmodified 32-bit Windows applications on a 64-bit system.
