Hidden flaw/Windows/stealthly Malware worries

Discussion in 'other security issues & news' started by StevieO, Sep 1, 2005.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Guest

    Found this today which enlarges on the Windows Registry "flaw" that has has recently come to light.

    .

    Already, some spyware authors seem to be playing with the rudimentary technique to try and hide their programs, said Tom Liston, a handler for the Internet Storm Center and a network security consultant for Intelguardians.

    "We have seen indications that someone is trying this technique out," Liston said. "Basically, we have seen code that is stuffing a key in the registry with a huge length. Yet, the author still doesn't have it working."
    .

    A Microsoft representative said that the company is investigating the report, but does not consider the problem an operating system flaw. "Our early analysis indicates that this attempt to bypass these features is not a software security vulnerability, but a function within the operating system that could be misused," the company said in a statement.
    .

    The creators of more advanced rootkits--software designed to stealthily and completely compromise a system--are starting to add memory hiding to their bag of tricks, said Greg Hoglund
    .

    "Spyware is the biggest problem right now, and the people that are writing it are starting to get a clue, and that's a scary trend," Hoglund said.
    .

    "None of the people that I know who are writing rootkits would not use this method to hide the key," he said.
    .

    "If your security tools aren't also using rootkit-like techniques, then they can be subverted easier," he said.

    http://www.securityfocus.com/news/11300


    StevieO
     
Loading...
Thread Status:
Not open for further replies.