The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 19, 2023
Filed:
Mar. 21, 2019
Michael Gorelik, West Newton, MA (US);
Mordechai Guri, Nof Ayalon, IL;
Ronen Yehoshua, Matan, IL;
Morphisec Information Security 2014 Ltd., Beer-Sheva, IL;
Morphisec Information Security 2014 Ltd., Beer Sheva, IL;
Abstract
Embodiments described herein are capable of preventing the installation of unwanted software bundled with a desired application at runtime, while allowing the installation of the desired application to continue as expected. For example, the embodiments described herein create a decoy in memory that preempts unwanted code. The decoy attracts any illegitimate code and diverts it into a dead end (e.g., the code is isolated, thereby preventing it from properly executing), while installation of the legitimate code (i.e., the desired application) flows as expected. The foregoing detects that a reflective loading process of DLL associated with the unwanted application has occurred, identifies the entity that attempted to perform the reflective loading process, and prevents the entity from completing the reflective loading process without terminating the main installer. That is, the main installer will continue as usual (and install the desired application) while the installation of the unwanted application is blocked.