Hackers at Black Hat rise to Microsoft's challenge to break Vista's security (and succeed)

Summary: Looks like Microsoft has more work to do on Vista's security. According to InfoWorld: After security researcher Joanna Rutkowska demonstrated Thursday how it's possible to circumvent security in Microsoft's Vista beta software and install a rootkit called Blue Pill, Microsoft said it intends to find ways to stop both potential threats before Vista ships.


Looks like Microsoft has more work to do on Vista's security. According to InfoWorld:

After security researcher Joanna Rutkowska demonstrated Thursday how it's possible to circumvent security in Microsoft's Vista beta software and install a rootkit called Blue Pill, Microsoft said it intends to find ways to stop both potential threats before Vista ships. At the Black Hat conference, Rutkowska, security researcher at Singapore-based firm COSEINC, showed that she found a way to bypass the Vista integrity-checking process for loading unsigned code into the Vista kernel. Then she presented Blue Pill, a rootkit she created based on Advanced Micro Devices (AMD) Secure Virtual Machine, Pacifica.
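The first of the two demonstrations above turns on one control: Vista's kernel is supposed to refuse unsigned kernel-mode code. A defender's first question after reading this is "what is actually loaded in my kernel, and is it signed?" The script below is an added example written for this page; it is not code from the article, from InfoWorld, or from Rutkowska's talk. It assumes PowerShell 3.0 or later (for Get-CimInstance), administrator rights so that driver files under System32 are readable, and the real cmdlets Get-CimInstance and Get-AuthenticodeSignature; the helper names Resolve-DriverPath and Get-KernelDriverSignatureReport are this example's own.

```powershell
# Added example (not from the article): audit the Authenticode signature
# status of every kernel-mode driver registered on a Windows host and list
# the ones that are not verifiably signed. Assumes PowerShell 3.0+ and an
# elevated session.

function Resolve-DriverPath {
    param([string]$RawPath)
    if ([string]::IsNullOrWhiteSpace($RawPath)) { return $null }
    # Driver image paths come in several shapes, e.g.
    #   \??\C:\Windows\system32\drivers\foo.sys
    #   \SystemRoot\System32\drivers\foo.sys
    #   system32\drivers\foo.sys
    $p = $RawPath.Trim('"')
    $p = $p -replace '^\\\?\?\\', ''                 # strip NT "\??\" prefix
    $p = $p -replace '^\\SystemRoot', $env:SystemRoot  # expand \SystemRoot
    if ($p -notmatch '^[A-Za-z]:\\') {               # relative to %SystemRoot%
        $p = Join-Path $env:SystemRoot $p
    }
    return $p
}

function Get-KernelDriverSignatureReport {
    # Win32_SystemDriver enumerates kernel drivers; State tells which are running.
    foreach ($d in (Get-CimInstance -ClassName Win32_SystemDriver)) {
        $path = Resolve-DriverPath $d.PathName
        if (-not $path -or -not (Test-Path -LiteralPath $path)) {
            # A registered driver whose file cannot be found is itself worth a look.
            [pscustomobject]@{
                Name = $d.Name; State = $d.State; Path = $d.PathName
                Status = 'FileNotFound'; Signer = $null
            }
            continue
        }
        $sig = Get-AuthenticodeSignature -FilePath $path
        [pscustomobject]@{
            Name   = $d.Name
            State  = $d.State
            Path   = $path
            Status = $sig.Status.ToString()   # Valid, NotSigned, HashMismatch, ...
            Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        }
    }
}

# Print everything that is not cleanly signed, running drivers first.
Get-KernelDriverSignatureReport |
    Where-Object { $_.Status -ne 'Valid' } |
    Sort-Object @{ Expression = { $_.State -ne 'Running' } }, Name |
    Format-Table Name, State, Status, Path -AutoSize
```

Two caveats apply. Drivers that ship with Windows are often signed through catalog files rather than an embedded signature, so on older Windows versions some of them can show as NotSigned; treat the output as a triage list to compare against a known-good baseline, not as a verdict. More fundamentally, this check runs inside the operating system, and the second demonstration in the article (a hypervisor-based rootkit) sits underneath the OS, which is exactly why such a rootkit is hard to detect from a script like this one.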


Talkback

11 comments
  • best thing is

    the public will now know what to look for in the same old problems with a new twist, I mean Vista.
    not of this world
    • I guess that goes for

      Linux too. Last I read, you can unknowingly install a rootkit on it, also.
      John Zern
      • Do provide the link

        to this source...
        Linux User 147560
        • Link

          Enyelkm, although there are plenty of others here: http://www.packetstormsecurity.org/UNIX/penetration/rootkits/indexdate.html
          Scrat
          • ZDNet and their broken links...

            http://www.packetstormsecurity.org/UNIX/penetration/rootkits/indexdate.html for the broken link in the previous post.
            Scrat
  • Why are "BLACK" Hats

    helping M$? Sounds awfully WHITE hat to me.
    Roger Ramjet
  • Interesting thing here

    They conveniently left out one little tidbit. That is, how long did it take? Was it hacked in 5 minutes? Did it take 15 minutes? How many attack vectors were used? How many attack vectors are there and not demonstrated?
    Rick_K
  • David please...

    Come on now. I expect a little more disclosure here. You know that the blue pill attack required going around UAC and for that to work it would require some social engineering. What PC is safe if you employ social engineering into your attack? None is the answer.

    So please stop with the sensational headlines. Are you trying to goose your numbers a bit there Dave?
    BFD
    • Yes

      This is equivalent to some hacker creating a hack for Linux, and saying "See? I hacked Linux", but then disclosing, "Well, the hack has to run as root." Duh!

      The difference is it's unlikely the same vector would have worked. The driver model may be more secure. No matter. Once malicious software is able to escalate privileges (privilege escalation vulnerabilities in certain distros of Linux have shown up in the past), it can do a lot of damage.
      Mark Miller
    • Having problem with plurals?

      That was one hacker, and it requires admin privileges, and it needs to get onto the machine, and you need to go through UAC.

      Try writing something next time rather than reporting a summary from some other person.
      TonyMcS
  • Virtual Machine Rootkits are not exactly "new"...

    ...and can infect not just Windows XP / Vista, but Linux as well (for the complete paper on this subject, see http://www.eecs.umich.edu/virtual/papers/king06.pdf).

    Proof-of-concept code (SubVirt) has been developed; however, I believe that it is not publicly available.
    Scrat