ATI Driver Flaw Exposes Vista Kernel to Attackers
Shack0ption writes "An unpatched flaw in an ATI driver was at the center of the mysterious Purple Pill proof-of-concept tool that exposed a way to maliciously tamper with the Windows Vista kernel. The utility, released by Alex Ionescu and yanked an hour later after the kernel developer realized that the ATI driver flaw was not yet patched, provided an easy way to load unsigned drivers onto Vista — effectively defeating the new anti-rootkit/anti-DRM mechanism built into Microsoft's newest operating system. Ionescu confirmed his tool was exploiting a vulnerability in an ATI driver — atidsmxx.sys, version 3.0.502.0 — to patch the kernel to turn off certain checks for signed drivers. This meant that a malicious rootkit author could essentially piggyback on ATI's legitimately signed driver to tamper with the Vista kernel."
I'm not going to blame Microsoft. I'm going to blame the various countries' legislators for not passing a law demanding that driver Source Code be published as a condition of approval of hardware for sale.
If there were such a law on the books, many vulnerabilities would be flushed out. The closedness is at the very root of the problems, and the only way to solve them for good is to enforce Source Code availability.
(I don't buy your "Let the Free Market Decide" bleatings. I can see where you're coming from, but you have to realise there is no free market in the computer hardware sector anymore, just a cartel of vendors who use various dirty tricks to prevent competition from outside. In this situation, only Government can make a difference.)
Je fume. Tu fumes. Nous fûmes!
This is why Linux will never become successful on the desktop.
"Yeah, but someone would have to be an idiot to use it"
Brilliant. Let's all assume that end users have a degree in Computer Science. I guess I have to agree, people are idiots if they use a device driver from a device driver developer, duh!
"Binary drivers which have always been a Bad Thin[g]"
Sure, because every company in the world believes in open source (in fantasy land). The fact is that some device drivers are binary and it is all you got. The alternative is to dual boot to Windows, which also has a binary device driver for said device but since it is Windows we don't care about its integrity. Oh wait! That is what people still do to this day. They dual boot because Windows just happens to provide that one little thing Linux can't. D'oh!
"It is Microsoft's fault that they rely on third parties to write the drivers in the first place."
WTF?? Where do I begin? I don't fully understand this sentence. Ummm, YEAH Microsoft has to rely on third parties to write the drivers. The third party is the one who invented the device, you idiot. What? Is Microsoft going to write device drivers for all hardware companies now? How does that work? How much of the device's design has to be submitted to Microsoft so that they can write the driver? How is intellectual property protected? Are you insane?
Next you'll be writing how it's Microsoft's fault for relying on third parties for providing software for their platform. If the next version of Adobe Photoshop contained a nasty exploit, are we going to say "well it's Microsoft's fault for relying on Adobe for writing image editing software in the first place"?