While Microsoft have been trying as hard as they can to make Windows 8 as fool proof and un-hackable as possible, they are trying to achieve the impossible. There’s been much talk about a new secure boot method that Microsoft spoke about called UEFI which prevents any operating system that isn’t properly signed from running. This means that malicious software doesn’t get a chance to run while your booting up your system. However there’s been questions raised as to wheter or not this will prevent users from installing alternative OS’s such as Linux.
Now a security analyst – Peter Kleissner has created the first Windows 8 Bootkit which manages to get around this program somewhat. He’s planning on releasing it at the MalCon International Conference which is held in India next week. He made the discovery while doing research for a project to subvert the Windows security model. Peter has also discovered Bootkits for Windows XP,Windows Vista,Windows 7 and Windows Server 2003 in his past work.
To date, he’s managed to start the Bootkit from USB/CD which the UEFI is meant to prevent. Once the Bootkit infected the system, he was able to bypass the UAC (User Account Control) which enables it to run. It also patches the OS’s password feature which means a hacker can log on with any password.
However Kleissner claimed that his exploit doesn’t actually target the new Secure Boot feature (UEFI) directly. Instead it attacks the legacy boot procedure. But this also means that when Windows 8 machines hit the market and have UEFI built into them, they shouldn’t be vulnerable to this Bootkit. Instead it will be users who have Windows 8 installed a system that isn’t equipped with UEFI. Not many systems currently have UEFI so this will leave pretty much every machine that upgrades from Windows 7 vulnerable to the Bootkit.
There is one thing though. We are lucky that this was discovered before Windows 8 was released and that it wasn’t discovered by a criminal organisation. Kleissner said that he has passed on all the details to Microsoft and what he suggests they do so hopefully they’ll be able to patch up this exploit in now time.
0 Responses to "First Windows 8 Bootkit To Be Shown Next Week"
Post a Comment