Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows 8 Secure Boot Defeated

Posted by samzenpus on from the what-took-so-long? dept.

jhigh writes "An Austrian security researcher is scheduled to release the first 'bootkit' for Windows 8 at the upcoming MalCon in Mumbai. This exploit loads in the MBR and stays memory resident until Windows loads, resulting in root access to the system. This allegedly defeats the new secure boot features in Windows 8's bootloader."

7 of 205 comments (clear)

  1. Re:Could open your system up to malware like Linux by liquidweaver · · Score: 4, Informative

    Someone has thought of the kids!! http://maketecheasier.com/doudoulinux-a-fun-linux-distro-for-kids/2010/11/26

    --
    mov ah, 4ch
    int 21h
  2. Not broken by BitZtream · · Score: 5, Informative

    I thought the point to the UEFI secure boot thing was that the UEFI wouldn't boot without the MBR and remainder of the boot blocks being properly digitally signed.

    Unless someone broke the digital signature system or found a flaw in the implementation, this sounds more like working as intended.

    The article also seems to think that the boot loader is supposed to be encrypted for some silly reason.

    Seems pretty clear that the article doesn't understand how it works, so its hard to imagine theres much truth in it. If you tell the UEFI to ignore digital signatures on the boot loader then yes, it has been compromised ... cause you turned it off. Intentionally turning it off doesn't count as breaking it guys, sorry.

    If there was a claim of a flaw in the UEFI Secure boot implementation or design, then I'd listen, but the fact that its being called a windows exploit when it occurs before Windows has been started kinda sets off signal flares, ya know?

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  3. Re:Could open your system up to malware like Linux by c++0xFF · · Score: 4, Informative

    Actually, it refers to a teddy bear. Kinda cute, with unfortunate implications to the American ear.

  4. Re:Could open your system up to malware like Linux by Anonymous Coward · · Score: 4, Informative

    Doudou is the French for comforter; a child favorite blanket, teddy bear or a scarf.

  5. Re:Secure boot is UEFI by afidel · · Score: 5, Informative

    You are correct, this is just an update of his previous exploit against other Windows versions, it only works with legacy BIOS, not against EUFI with secure boot. The story over at ARS has been updated.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  6. WRONG by amliebsch · · Score: 3, Informative

    This headline is incorrect, secure boot was not compromised. From the ARS story:

    The exploit allegedly defeats the security features of Windows 8's new Boot Loader. However, Kleissner said in a message exchange with Ars Technica that the exploit did not currently target the Unified Extensible Firmware Interface (UEFI), but instead went after legacy BIOS. Kleissner said he has shared his research and paper and the paper he plans to present, "The Art of Bootkit Development," with Microsoft.

    Secure boot does nothing if you have legacy BIOS.

    --
    If you don't know where you are going, you will wind up somewhere else.
  7. This is disgraceful by amliebsch · · Score: 5, Informative

    Seriously, hello, editors? Is anybody home? This post is 100% false. The very subject of this story has tweeted:

    No it's not attacking UEFI or secure boot, right now working with the legacy BIOS only (details will be in the paper)

    Do the words "reckless disregard for the truth" have any meaning to you?

    --
    If you don't know where you are going, you will wind up somewhere else.