ATI Driver Flaw Exposes Vista Kernel to Attackers
Shack0ption writes "An unpatched flaw in an ATI driver was at the center of the mysterious Purple Pill proof-of-concept tool that exposed a way to maliciously tamper with the Windows Vista kernel. The utility, released by Alex Ionescu and yanked an hour later after the kernel developer realized that the ATI driver flaw was not yet patched, provided an easy way to load unsigned drivers onto Vista — effectively defeating the new anti-rootkit/anti-DRM mechanism built into Microsoft's newest operating system. Ionescu confirmed his tool was exploiting a vulnerability in an ATI driver — atidsmxx.sys, version 3.0.502.0 — to patch the kernel to turn off certain checks for signed drivers. This meant that a malicious rootkit author could essentially piggyback on ATI's legitimately signed driver to tamper with the Vista kernel."
yes yes
Could this happen if ATI drivers were open source?
I don't think you have any idea what you are talking about. Do you actually know what code-signing is and what it is used for?
The whole problem with the internet is that our anti-malware strategy is defensive, and honestly, it's just getting downright annoying and expensive. We need to go after people that actually create malware, and with some serious tools. It is increasingly reckless to let a few bad eggs hold the entire world hostage.
a) It's time to design the internet so that anonymous traffic is not possible. Make it possible to track the spread of this malware back to the source. Make malware not just the crime of malware itself, but of identity theft as well.
b) Declare any writer of malware to be a Terrorist Enemy Combatant. If someone is writing an attack on an American computer system from offshore, we should have the CIA / FBI, etc, sending them to Gitmo as well. If foreign nations are not willing to enforce or do something about computer crime laws, then the United States has to enforce those laws for them. Send a few malicious geeks off to Guantanamo, I say. Cyberware IS terrorism.
Really, I'm way past hackers and security people being portrayed as some black and white struggle that we all must take part in. I'd much rather have my good guys in government going and killing all of the bad guys, without me having to even think about it.
This is my sig.