Slashdot Mirror

← Back to Stories (view on slashdot.org)

VBootkit Bypasses Vista's Code Signing

Posted by kdawson on from the breaking-into-your-own-hardware dept.

An anonymous reader writes "At the Black Hat Conference in Amsterdam, security experts from India demonstrated a special boot loader that gets around Vista's code-signing mechanisms. Indian security experts Nitin and Vipin Kumar of NV labs have developed a program called the VBootkit that launches from a CD and boots Vista, making on-the-fly changes in memory and in files being read. In a demonstration, the 'boot kit' managed to run with kernel privileges and issue system rights to a CMD shell when running on Vista, even without a Microsoft signature. The demo was run on Vista RC2. The researchers say the only reason they didn't do it on Vista final was cost. Schneier blogged the exploit."

1 of 210 comments (clear)

  1. Off topic...hehehe by djupedal · · Score: 0, Offtopic

    I'm off topic and Stephanie wasn't....is that the best you can do? C'mon...I can take it :)