Slashdot Mirror


Microsoft Research Warn About VM-Based Rootkits

Tenacious Hack writes "According to a story on eWeek, lab rats at Microsoft Research and the University of Michigan have teamed up to create prototypes for virtual machine-based rootkits that significantly push the envelope for hiding malware and maintaining control of a target OS. The proof-of-concept rootkit, called SubVirt, exploits known security flaws and drops a VMM (virtual machine monitor) underneath a Windows or Linux installation. Once the target operating system is hoisted into a virtual machine, the rootkit becomes impossible to detect because its state cannot be accessed by security software running in the target system."

1 of 336 comments

  1. Re:I say we take off... by LiquidCoooled · Score: 5, Informative

    The last motherboard I had was a Gigabyte. It contained a Dual BIOS system which could recover a user-flashed BIOS back to factory defaults.
    Complete and utter safety in case of a bad flash.
    Here's a small THG article about it.

    You are right about most machines; however, it may not be enough unless you can replace the BIOS.
    For the totally paranoid, take the suspect drive out and put it into a cleanroom machine.

    --
    liqbase :: faster than paper