Hackers Can Abuse Windows Container Isolation Framework to Bypass Organization Security Defences

Recently, cybersecurity researchers at Deep Instinct have asserted that hackers can exploit the Windows container isolation framework to bypass the security defenses and mechanisms of organizations.

Containers revolutionize the way applications are packaged and isolated, empowering them with their complete runtime environment enclosed within.

That’s why the containers are crucial for resource efficiency and security. Besides this, Microsoft introduced Windows Container in Windows Server 2016, which offers the following two key distinct modes:-

  • Process isolation mode
  • Hyper-V isolation mode

Hackers Abuse Windows Container Isolation

Since Windows Server 2003, job objects group processes for unified management, as they control attributes like-

  • CPU
  • I/O
  • Memory
  • Network use

Besides this, in the case of managing multi-processed apps, Nested Jobs helps in doing so. 

With extra features, Silos extend the jobs, while the containers use ‘Server Silo’ for process grouping and resource redirection. Besides this, by using the following APIs, the Windows Kernel detects the silo-assigned processes:-

  • PsIsCurrentThreadInServerSilo
  • PsIsProcessInSilo

Reparse points store user data, parsed by file system mini-filter drivers with unique identifying tags. Containers use dynamic images to avoid OS file copies, linking to originals through reparse points, reads Deep Instinct report.

Dynamically generated image (Source – Deep Instinct)

The primary task of the Mini-filter drivers is to simplify the I/O filtering, and Microsoft’s filter manager does the following things:-

  • Aids legacy filters
  • Managing insertion
  • Request handling
  • Cross-platform support

For common operations, it also offers a dedicated API, which is the “Flt API.” 

Mini-filter architecture (Source – Deep Instinct)

The wcifs mini-filter driver separates Windows containers from the host file system, managing ghost file redirection via reparse points.

Moreover, with this driver, the following main reparse tags are associated:-


At this point, the minifilters attach indirectly to file systems via the filter manager’s integer altitude values. 

Here below, we have mentioned the functioning altitude range of the wcifs.sys driver and the antivirus filters:-

  • wcifs.sys driver: 180000-189999
  • Antivirus filters: 320000-329999

These altitude figures clearly depict that hackers could perform several file operations without triggering any callbacks.

In an attempt to combat threats like this, security vendors deploy mini-filter drivers for I/O monitoring, using algorithms to detect file system malware and prevent damage.


Here below, we have mentioned all the mitigations offered by the security researchers:-

  • Monitor DeviceIoControl calls + FSCTL_SET_REPARSE_POINT with IO_REPARSE_TAG_WCI_1 tag. Check-in PRE_WRITE callback, and scan in PRE_CLEANUP even if unchanged.
  • Make sure to validate wcifs’ communication port against non-system processes.
  • Always validate the container by comparing source and destination volumes.
  • Ensure wcifs are attached by a user process, not the system, or when the containers feature is off.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.