Slashdot Mirror


VBootkit Bypasses Vista's Code Signing

An anonymous reader writes "At the Black Hat Conference in Amsterdam, security experts from India demonstrated a special boot loader that gets around Vista's code-signing mechanisms. Indian security experts Nitin and Vipin Kumar of NV labs have developed a program called the VBootkit that launches from a CD and boots Vista, making on-the-fly changes in memory and in files being read. In a demonstration, the 'boot kit' managed to run with kernel privileges and issue system rights to a CMD shell when running on Vista, even without a Microsoft signature. The demo was run on Vista RC2. The researchers say the only reason they didn't do it on Vista final was cost. Schneier blogged the exploit."

3 of 210 comments (clear)

  1. Re:Not a good week and it's only 1/2 over by djupedal · · Score: -1, Offtopic

    7of7! How y'al doing, gal? How's things in the club?

    I heard some downright terrible things about you, just last Monday, but I told them NO way - she can give as good as she can take ;) & MS hired her for a reason, so they must have heard wrong over all those hair-dryers and other low-heeled yammerers, you know :)

    In any case, if it turns out to be true, your secret is safe w/me, so don't worry your pretty little head...

  2. Off topic...hehehe by djupedal · · Score: 0, Offtopic

    I'm off topic and Stephanie wasn't....is that the best you can do? C'mon...I can take it :)