I hope that CIS will not popup the alert window for hook installing when the target file is in the white list.
[attachment deleted by admin]
Read what it says in the last sentence
Because the target file is safe,
I think that CIS should allow this action automatically for reducing the alerts.
:-X
Yes, and allows keyloggers to gain your passwords… 
Not so because CIS does not trust the SOURCE file
That the same as if you want trojan mal19835.exe to be automatically allowed just because it wants to use svchost.exe which is gasp! a trusted file from Microsoft Corporation ;D
Could malwares gain passwords by installing the hook which is made by Microsoft?
???
Ablsolute Absolutely…
Take time to read the screenshot message and everything is explained in plain language.
It says right in the alert that this is commonly exploited by keyloggers, screen grabbers, and other methods of controlling legitimate programs.