VBootkit Bypasses Vista's Code Signing
An anonymous reader writes "At the Black Hat Conference in Amsterdam, security experts from India demonstrated a special boot loader that gets around Vista's code-signing mechanisms. Indian security experts Nitin and Vipin Kumar of NV labs have developed a program called the VBootkit that launches from a CD and boots Vista, making on-the-fly changes in memory and in files being read. In a demonstration, the 'boot kit' managed to run with kernel privileges and issue system rights to a CMD shell when running on Vista, even without a Microsoft signature. The demo was run on Vista RC2. The researchers say the only reason they didn't do it on Vista final was cost. Schneier blogged the exploit."
isn't it ironic that even hackers don't like the high cost of MS software?
FTFA: "The researchers say the only reason they didn't do it on Vista final was cost."
Support NYCountryLawyer RIAA vs People
Of course, it will be one of those that relies on a code of honor:
"This is the Windows Vista Boot Sector Virus kit. Please burn this ISO to a CD and boot your computer with it."
Fortunately I'm sure Vista (and hell, even the BIOS) guard the boot sector like it's fort knox.
No problem. We just send a flying circus over the BIOS, dump some VX gas on it, then march in with the industrial laser. Then we cut a hole, drop the virus in and, BOOM! Instant instability.
This is assuming, of course, Vista hasn't seduced the leader of the flying circus by this point, at which case the whole plan's shot to hell.
- VBootKit bitch slaps VISTA
- Animated cursor panic/fix
- EMI/Apple DRM shun ropa-dopes WMA
- XBox Elite HD-DVD chokes on popular title
- XBox Elite HDMI only v1.2
- Class action suit for bait/switch 'VISTA Ready' claims
Can't wait to see how the rest of the week plays out....heheheheh