This is a too bad to be true, Windows 7 can be easily hacked and there is no fix for it.
In HITBSecConf2009 Viping Kumar (Founder nvLabs.in) demonstrated how easily Windows 7 can be attacked via boot sectors using Vbootkit 2.0.
He demonstrated
The use of Vbootkit in gaining access to a system without leaving traces.
Leveraging normal programs to escalate system privileges.
Running unsigned code in kernel.
Worst part of this kind of attack (Bootkits) is almost impossible to detect. Simplest Process of VBootkit 2.0 is
Hook INT 13 ( for disk reads)
Keep on patching files as they load
Hook onto next stage
Repeat the above process, till we reach the kernel,
then sit and watch the system carefully
Good thing about this attack is that you need physical access to the machine at the start of the attack. Which minimise the risk level. Also if other have physical access to your computer, operating system cannot provide any security to your compute. This kind of attack can be driven to other operating systems as well.
What would Microsoft will do to prevent VbootKit attack before they release
No comments:
Post a Comment