New Malware Targets 64-Bit Windows

Discussion in 'malware problems & news' started by Brandonn2010, Jun 5, 2011.

Thread Status:
Not open for further replies.
  1. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Or simply upgrade patchguard.
     
  3. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Err, no thank you. Feel free to use 32bit if you dislike KPP. I love the fact that it keeps people from screwing with important parts of the Kernel.

    The fact that malware authors have had to look for loopholes around KPP just shows how well its working, since they haven't managed to exploit it directly. These loopholes will come to light as x64 becomes more popular, MS will patch them, and malware authors will move from rootkits to whatever else is next on the popularity table. Viruses >> Trojans >> Rootkits >> ??
     
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Either way, it will always be a cat and mouse run... and the mouse is sneaky... :argh:
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    ^^Agree.

    Security should be built in the OS level. If a third party software can mess with your kernel to help secure it there are other issues.
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    What are those 2 common flaws, and do they work on the current versions of both software?

    This looks interesting, so it loads into the kernel, not the MBR this time correct?

    I still find PatchGuard a good, effective security measure.
     
  7. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    As long as they patch it constantly i'm fine :D
     
  8. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Huh, I guess I've been misinformed on how good PatchGuard is. I just though since it's been making it hard for 64-bit 99.9%-malware-blocking programs like DefenseWall to be developed, that PatchGuard was a nuisance, since malware authors would eventually bypass it, that it just keeps the good-guys from protecting computers.

    Wait, if PatchGuard allows signed drivers to be loaded, couldn't the security program developers just get a signed driver from Microsoft, instead of trying to work around PG?
     
Loading...
Thread Status:
Not open for further replies.