Slashdot Mirror


Security Firm Bypasses Patch Guard

filenavigator writes, "This week the security firm Authentium found a workaround for Patch Guard, the security feature Microsoft has embedded into the 64-bit version of Windows. It is supposed to keep out unsigned drivers, kernel modifications, and security company competitors. With Authentium's workaround it can be turned off, software installed, and turned right back on. Microsoft immediately responded by saying their reckless ways are endangering the security of Windows users and that they will disable this hack quickly."

2 of 122 comments

  1. 'obvious' bug. by SillyNickName4me · Score: 3, Interesting

    So, the way to achieve this is by changing contents in the pagefile by writing disk sectors directly.

    If such an obvious bypass has not been considered, how many other such issues exist that are yet undiscovered?

    Then, the supposed 'fix' is to disallow writing raw disk sectors for any non-kernel code. This will only work when not allowing for things like disk editors and recovery tools, because those would need ways to bypass this and this just opens up new attack vectors.

  2. Bit of a stretch by Psykosys · Score: 3, Interesting

    "It is supposed to keep out unsigned drivers, kernel modifications, and security company competitors."

    While it could be argued that part of Microsoft's goal with PatchGuard is to keep out "security company competitors", there's no hard evidence, AFAIK, that this was one of Microsoft's design goals in creating it and it's somewhat irresponsible to suggest this. If there were, this would presumably be an easy court case and security companies wouldn't have a hard time at all suing Microsoft for illegal measures to establish a monopoly, etc. Instead, they'll be faced with the uphill task of proving that the "keeping out the competition" aspect is not just a necessary side effect of the rest of the design.