Monday, April 27, 2009

More security problems in Windows 7

Despite the announced security improvements, a problem discovered in Vista in 2007 is still causing complications, this time in Windows 7. In 2007, Bruce Schneier described the problem as follows:
Experts say that the fundamental problem that this highlights is that every stage in Vista's booting process works on blind faith that everything prior to it ran cleanly. The boot kit is therefore able to copy itself into the memory image even before Vista has booted and capture interrupt 13, which operating systems use for read access to sectors of hard drives, among other things.
Interestingly, two years later, Windows 7 has almost the same problem. At HITB (Hack In The Box), a security event, the researchers Vipin Kumar and Nitin Kumar demonstrated how to gain control of a Windows 7 virtual machine during boot.
"It's a design problem," Vipin Kumar said, explaining the software exploits the Windows 7 assumption that the boot process is safe from attack. While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely.

Beyond that, Nitin says that nothing can be done, because this is a design problem: the OS is presumed to be safe from attack during boot.
"There's no fix for this. It cannot be fixed. It's a design problem," Vipin Kumar said (..)
VBootKit 2.0 is only 3 Kb !!!
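
The Schneier quote above says the boot kit captures interrupt 13 before the operating system loads. A defender's check for that condition, as an added example (not code from the original post or from the VBootkit authors): it parses a dump of the first 1 KiB of physical memory, which holds the real-mode interrupt vector table, and flags an int 13h handler that points outside the firmware ROM range. The dump layout, the function names and the two sample vectors are assumptions constructed for illustration, and the ROM-range test is a heuristic.

```python
import struct

IVT_ENTRY_SIZE = 4                      # each vector is offset:segment, 2 bytes each
ROM_START, ROM_END = 0xC0000, 0xFFFFF   # option ROMs and system BIOS (heuristic range)


def vector(low_mem, intno):
    """Return (segment, offset) stored in the IVT for interrupt intno."""
    off, seg = struct.unpack_from("<HH", low_mem, intno * IVT_ENTRY_SIZE)
    return seg, off


def linear(seg, off):
    """Convert a real-mode segment:offset pair to a physical address."""
    return (seg << 4) + off


def check_int13(low_mem):
    """Flag an int 13h handler that lives outside the firmware ROM range."""
    if len(low_mem) < 0x400:
        raise ValueError("need at least the first 1 KiB (the whole IVT)")
    seg, off = vector(low_mem, 0x13)
    addr = linear(seg, off)
    in_rom = ROM_START <= addr <= ROM_END
    return {"seg": seg, "off": off, "linear": addr, "suspicious": not in_rom}


def make_dump(seg, off):
    """Constructed sample: 1 KiB of zeros with only the int 13h vector set."""
    buf = bytearray(0x400)
    struct.pack_into("<HH", buf, 0x13 * IVT_ENTRY_SIZE, off, seg)
    return bytes(buf)


# Constructed inputs, not captured from a real machine.
CLEAN = make_dump(0xF000, 0xE3FE)    # handler inside system BIOS ROM
HOOKED = make_dump(0x9F00, 0x0010)   # handler in the top of conventional RAM

if __name__ == "__main__":
    for name, dump in (("clean", CLEAN), ("hooked", HOOKED)):
        r = check_int13(dump)
        verdict = "SUSPICIOUS" if r["suspicious"] else "ok"
        print(f"{name}: int 13h -> {r['seg']:04X}:{r['off']:04X} "
              f"(linear {r['linear']:#07x}) {verdict}")
```

Some legitimate boot components also relocate disk handlers into RAM, so a hit is a reason to inspect the handler, not a verdict.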
