Nokia Corporation Message Board

  • phands.theheretic5 Sep 19, 2012 11:22 AM

    New vicious UEFI bootkit vuln found for Windows 8...looks like 8 is as phucked as all windoze versions

    wwwDOTtheregisterDOTcoDOTuk/2012/09/19/win8_rootkit/

    Windoze 8 carrying on the tradition of no security at all...


    Security researchers have discovered security shortcomings in Windows 8 that create a means to infect the upcoming operating system with rootkit-style malware.

    Italian security consultants ITSEC discovered the security hole following an analysis of the Unified Extensible Firmware Interface (UEFI), a successor to the legacy BIOS firmware interface, that Microsoft began fully supporting with 64-bit versions of Windows 7.

    ITSEC analysed the UEFI platform now that Microsoft has ported old BIOS and MBR's boot loader to the new UEFI technology in Windows 8. Andrea Allievi, a senior security researcher at ITSEC, was able to use the research to cook up what's billed as the first ever UEFI bootkit designed to hit Windows 8. The proof-of-concept malware is able to defeat Windows 8's Kernel Patch Protection and Driver Signature Enforcement policy.

    The UEFI boot loader developed by Allievi overwrites the legitimate Windows 8 UEFI bootloader, bypassing security defences in the process.

    "Our bootloader hooked the UEFI disk I/O routines and it intercepted the loading of the Windows 8 kernel, thus our bootkit tampered the kernel by disabling the security features used by Windows to prevent the loading of unsigned drivers," explains Marco Giuliani, a director of ITSEC.

    The bootkit developed by ITSEC is comparable to forms of older MBR (Master Boot Record) rootkits that overwrite system files of older versions of Windows. Bootkits capable of taking over Windows 8 machines have been around since last November but these earlier proof-of-concept nasties didn't circumvent UEFI, unlike the latest research.

    Previously boot loaders and rootkits had to be developed in assembly language. But UEFI creates a means to develop system loaders much more straightforwardly using the easier C programming language, making things easier for both legitimate developers and VXers.

    Sentiment: Strong Sell

 