Security researcher gets root on Windows 8 with bootkit

Discussion in 'malware problems & news' started by Searching_ _ _, Nov 18, 2011.

Thread Status:
Not open for further replies.
  1. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Security researcher gets root on Windows 8 with bootkit - ArsTechnica

    MalCon
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It remains to be seen.
     
  3. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    True, and I'm quite sure if it amounts to anything, it'll cause a temporary media firestorm. The thing is though, if anyone expects Windows to be any less targeted or suddenly become exploit-proof with all of these new enhancements, they're just kidding themselves.
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I think the issue is that there was already controversy about this feature due to Linux (mirroring the PatchGuard situation), and now that it's been said to be bypassable more users will be questioning its value: "It stops us from running Linux and it doesn't even work!"

    Whatever version of Win8 that's been tested at this time has not been fully released and is not the final product. If there's a hole it may very well be removed.
     
  5. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Peter Kleissner aka ToasterS - Stoned
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    That only works on systems up to 7 though - the win8 version still hasn't been shown or released.
     
  7. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    According to what that guy told Ars Technica, the exploit doesn't target UEFI, but rather BIOS.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    BIOS won't matter. edit: Though it can make things more useful - still, direct disk access doesn't go through the BIOS anymore, it goes through the OS.

    I think it targets the TPM card.
     
  9. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
  10. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Security Researcher Demos Windows 8 Bootkit - MaximumPC

    Windows 8 Bootkit Demo - Vimeo
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Pretty big deal. I'm just glad it's being vetted before the release.
     
  12. wat0114

    wat0114 Guest

    If UAC is set to Maximum, will it alert on attempting to launch the executable?
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It bypasses UAC. So I assume no prompt.
     
  14. wat0114

    wat0114 Guest

    In the video, it bypassed UAC set at Default, but I'm wondering if it will bypass it if it's set at Always Notify. Just curious is all.
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Oh, I see. Yeah fair point.
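
The firmware question in posts 7 and 8 (BIOS versus UEFI) and the UAC question in posts 12 to 15 both come down to settings a reader can check on their own machine. The PowerShell below is an added example, not code from the thread or from the researcher's demo. It assumes Windows 8 or later (Confirm-SecureBootUEFI and the firmware_type environment variable do not exist on Windows 7), and the slider-notch labels it prints are an assumed mapping from the documented UAC group-policy values; the registry values themselves are what the script actually reads.

```powershell
# Added example (not from the thread): report the firmware type, the
# Secure Boot state and the UAC policy values so a reader can tell
# whether their machine matches the setup shown in the demo video.
# Assumes Windows 8 or later; run from an elevated PowerShell so the
# Secure Boot query is allowed.

function Get-FirmwareBootInfo {
    # Windows 8+ sets firmware_type to 'UEFI' or 'Legacy' for every process.
    $type = $env:firmware_type
    if (-not $type) { $type = 'Unknown (pre-Windows 8 or variable missing)' }

    $secureBoot = 'n/a'
    try {
        # Throws on legacy-BIOS machines and on UEFI firmware without Secure Boot.
        $secureBoot = if (Confirm-SecureBootUEFI) { 'Enabled' } else { 'Disabled' }
    } catch {
        $secureBoot = 'Not supported or not queryable'
    }
    [pscustomobject]@{ FirmwareType = $type; SecureBoot = $secureBoot }
}

function Get-UacLevel {
    # These three values are what the UAC slider writes; a missing value reads as 0.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p   = Get-ItemProperty -Path $key
    $enableLua     = [int]$p.EnableLUA
    $consent       = [int]$p.ConsentPromptBehaviorAdmin   # 0..5, see policy docs
    $secureDesktop = [int]$p.PromptOnSecureDesktop         # 1 = dim to secure desktop

    # Assumed mapping of the four slider notches onto the policy values
    # (taken from the documented UAC group-policy settings); anything
    # else is a policy someone set by hand or by GPO.
    $notch = if ($enableLua -eq 0) { 'UAC disabled (EnableLUA=0)' }
             elseif ($consent -eq 2 -and $secureDesktop -eq 1) { 'Always notify' }
             elseif ($consent -eq 5 -and $secureDesktop -eq 1) { 'Default (notify only for non-Windows binaries)' }
             elseif ($consent -eq 5 -and $secureDesktop -eq 0) { 'Notify without dimming the desktop' }
             elseif ($consent -eq 0) { 'Never notify' }
             else { 'Custom policy' }

    [pscustomobject]@{
        EnableLUA                  = $enableLua
        ConsentPromptBehaviorAdmin = $consent
        PromptOnSecureDesktop      = $secureDesktop
        Notch                      = $notch
    }
}

Get-FirmwareBootInfo | Format-List
Get-UacLevel        | Format-List
```

The notch matters for the question asked above because the two settings differ in what gets a prompt: at Default (ConsentPromptBehaviorAdmin=5) Windows-signed executables on the auto-elevate list elevate with no prompt at all, whereas Always notify (value 2) puts every elevation request on the secure desktop. A bypass demonstrated at Default is therefore not automatically a bypass at Always notify, and the video alone cannot settle that; the script only tells you which of the two configurations you are actually running.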
     
  16. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    Interesting discussion.

    One has to wonder if Windows will ever get 'fully patched' eventually.

    It's a never-ceasing parade of exploits, PoCs and all the updates trying to counter such problems.
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Getting fully patched will never happen. There are always new updates for performance etc or even patches that will introduce new vulnerabilities.

    But yeah, it definitely is a never ending parade.
     