I found this article today … I haven’t seen any info on this forum about this big issue …
Security researchers from Cybellum have discovered another technique cyber criminals can use to take over your computer. The zero-day attack called DoubleAgent exploits Microsoft’s Application Verifier tool, which developers use to detect and fix bugs in their apps. Developers have to load a DLL into their applications to check them, and Cybellum’s researchers found that hackers can use the tool to inject their own DLLs instead of the one Microsoft provides.
https://www.engadget.com/2017/03/21/doubleagent-attack-anti-virus-hijack-your-pc/