Forum Moderators: bill

Windows 7 Hacked Before It's Officially Released

5:56 pm on May 8, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 23, 2002
votes: 0

Hacked before it's out
By Robert Munro
Thursday, 7 May 2009, 14:19

INSECURITY RESEARCHERS in India have released a proof-of-concept bootkit that can be used by an attacker to gain stealthy control of Windows 7 systems.

The software, called Vbootkit 2.0, was revealed last month at the Hack In The Box computer insecurity conference in Dubai. At the time, developers Vipin Kumar and Nitin Kumar had said they wouldn't publicly release the code lest it be misused.

They've since changed their minds and have released Vbootkit 2.0 under an open sauce licence, according to PC World. They said their reason for releasing the proof-of-concept attack was to encourage security researchers to develop defences against the technique used.

"All we are trying to do is help more people understand the real enemy, malware, so new innovations can occur," Vipin Kumar wrote in an email.

Vbootkit 2.0 can be foiled by using BitLocker hard drive encryption and a Trusted Platform Module, but many Windows 7 capable PCs don't have those features.

Microsoft doesn't consider it a serious threat to Windows 7 because it doesn't enable a remote attack.

However, a malware writer might modify the Vbootkit 2.0 code to turn it into a remote attack tool as has been done with other bootkit software in the past.

Since it might be months before Windows 7 is released by Microsoft, it sounds possible that the Vole's next big thing might hit the streets with malware ready and waiting to greet it.

[theinquirer.net]

3:19 am on May 9, 2009 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
votes: 131

They've since changed their minds and have released Vbootkit 2.0 under an open sauce licence, according to PC World.

That's a good one. ;)

The PC World article referenced is a bit better of a read: Despite Pledge, Researchers Release VBootkit 2.0 Code [pcworld.com]

I guess it's preferable that they're releasing this code during the beta stage. I don't think it would be fair to release code like this for a production OS.

12:16 pm on May 9, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 2, 2003
votes: 0

I'm afraid that I must agree with Microsoft on this one. This is just a bit of publicity seeking. The same approach could doubtless be used on most operating systems.

it exploits a design flaw in the operating system, which assumes that the boot process can be trusted and is safe from attack.

I'm not sure how the use of BitLocker and a TPM can protect against this (as is mentioned in the article) but I assume that a hash for the boot files is stored somewhere to permit validation - this could be done by the BIOS without encryption if the BIOS writers had a mind to do so. Indeed, the initial boot files could be stored in flash memory. Changes could be written to a parallel area and only installed when confirmed by the user after the initial POST routine has completed. But no matter what you do, some people will click "YES" to everything.

Perhaps Windows could perform validation of the boot area, but once it has been infected, it can't be trusted to provide reliable validation anyway.
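
Added example, not part of any post in this thread and not BitLocker or vendor code: a simplified Python model of TPM 1.2 style measured boot, the mechanism behind the BitLocker-plus-TPM mitigation the article mentions. The single PCR, the `SealedKey` class, the stage names and the sample bytes are assumptions made for illustration.

```python
import hashlib
import hmac

PCR_SIZE = 20  # TPM 1.2 PCRs hold a SHA-1 digest


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM extend: new PCR = SHA1(old PCR || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot(stages) -> bytes:
    """Measure each stage before it runs, starting from the reset value."""
    pcr = bytes(PCR_SIZE)
    for image in stages:
        pcr = extend(pcr, image)
    return pcr


class SealedKey:
    """Toy stand-in for a TPM-sealed blob: the key is bound to one PCR value."""

    def __init__(self, key: bytes, expected_pcr: bytes):
        self._key = key
        self._expected = expected_pcr

    def unseal(self, current_pcr: bytes):
        # A real TPM makes this comparison in hardware, outside the OS's reach.
        if hmac.compare_digest(current_pcr, self._expected):
            return self._key
        return None


# Constructed sample boot chains (placeholder bytes, not real boot code).
CLEAN = [b"MBR v1", b"boot sector v1", b"boot manager v1"]
TAMPERED = [b"MBR v1 + injected stub", b"boot sector v1", b"boot manager v1"]

# The volume key is sealed once, against the measurement of the known-good chain.
sealed = SealedKey(b"volume-key-demo", measure_boot(CLEAN))

if __name__ == "__main__":
    for name, chain in (("clean", CLEAN), ("tampered", TAMPERED)):
        pcr = measure_boot(chain)
        released = sealed.unseal(pcr) is not None
        print(f"{name:9s} PCR={pcr.hex()[:16]}... key released={released}")
```

Because each stage is hashed into the register before it executes and extend is one-way, a modified stage cannot restore the expected value afterwards, so the disk key stays sealed instead of relying on the infected system to validate itself.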


