Security researcher defeats Windows 8 secure boot (so much for Microsoft's claims)

DainBramaged

(1000+ posts) Send PM | Profile | Ignore

Thu Nov-17-11 11:41 AM
Original message

Security researcher defeats Windows 8 secure boot (so much for Microsoft's claims)

At the upcoming MalCon security conference in Mumbai, Austrian independent developer and security analyst Peter Kleissner is scheduled to release the first known "bootkit" for Windows 8�an exploit that is able to load from a hard drive's master boot record and reside in memory all the way through the startup of the operating system, providing root access to the system. The exploit allegedly defeats the secure boot features of Windows 8's new Boot Loader. Kleissner will also present a paper called "The Art of Bootkit Development."

Kleissner previously developed the Stoned bootkit, a proof-of-concept exploit that could attack Windows XP, Vista, and 7, as well as Windows Server 2003. Stoned, which is available as source code from Kleissner's site, was able to install itself into the Windows kernel and gain unrestricted access to the entire system, even on systems with encrypted drives�because the master boot record on those drives remains unencrypted.

The details of the Windows 8 bootkit have not yet been shared, but Kleissner said in his Twitter feed this morning that the new bootkit, called Stoned Lite, has an infector file that is only 14 kilobytes in size, and the bootkit can be started from a USB drive or CD. He added that he was considering adding "in-memory patching of msv1_0!MsvpPasswordValidate." That exploit, previously demonstrated against Windows XP as part of a bootkit, changes the password validation routine in Windows to accept any password as valid for an account.

Windows 8's boot loader has added a number of security features to prevent malware and security breaches, including a measure that requires any software loaded at boot time to be authenticated with a valid digital signature. Microsoft advertised this feature as a malware killer, because it would in theory block any unsigned software from loading into memory before startup. But the new boot loader has caused concern in the open-source world, because Linux distributions such as Red Hat and Ubuntu don't come with a digital signature.

http://arstechnica.com/business/news/2011/11/security-researcher-defeats-windows-8-secure-boot.ars

Windows 8 = :rofl:

Printer Friendly | Permalink | | Top

onehandle

(1000+ posts) Send PM | Profile | Ignore

Thu Nov-17-11 11:45 AM
Response to Original message

1. Windows 9 will be out before you know it. 9th time's a charm? nt

Printer Friendly | Permalink | | Top

(1000+ posts) Send PM | Profile | Ignore

Thu Nov-17-11 12:12 PM
Response to Original message

2. Actually this is a very good thing.

It will help stop or at least get around Microsoft's attempted lock on personal computers.

Printer Friendly | Permalink | | Top

HopeHoops

(1000+ posts) Send PM | Profile | Ignore

Thu Nov-17-11 02:11 PM
Response to Original message

3. Well, I am just SO shocked.

:sarcasm:

Printer Friendly | Permalink | | Top

DU AdBot (1000+ posts)

Tue Apr 30th 2024, 06:31 AM
Response to Original message

Advertisements [?]

Top

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.