
Windows 8 Bootkit Demoed


Last week I wrote up a post regarding a new bootkit virus for Windows 8 that security researcher Peter Kleissner discovered. It was initially thought that this new bootkit virus was able to fool the new UEFI security feature that Microsoft has put in Windows 8, but it turned out that it doesn’t. However, this bootkit has the ability to bypass the Windows UAC and gain administrator privileges and access to all user accounts.

Peter has now posted a video which demonstrates the bootkit, called Stone Lite, in action so you can see for yourselves just how simple it is. It’s a mere 14 KB file, but it has the potential to pretty much unlock your whole computer.

As I mentioned in my previous post on this, Peter has already developed bootkits which have a similar effect for Windows 7, Windows Vista and XP. The code is also up and available on his site for anyone to have a look at. He’s also said that this exploit will only work on systems running a legacy BIOS and doesn’t work on systems with the new UEFI technology.

Of course, Peter informed Microsoft about this exploit several weeks ago and also passed on his recommendations to prevent it from being an issue in the final build of Windows 8.



First Windows 8 Bootkit To Be Shown Next Week


While Microsoft have been trying as hard as they can to make Windows 8 as foolproof and un-hackable as possible, they are trying to achieve the impossible. There’s been much talk about a new secure boot method that Microsoft spoke about called UEFI, which prevents any operating system that isn’t properly signed from running. This means that malicious software doesn’t get a chance to run while you’re booting up your system. However, there have been questions raised as to whether or not this will prevent users from installing alternative OSes such as Linux.

Now a security analyst, Peter Kleissner, has created the first Windows 8 Bootkit, which manages to get around this program somewhat. He’s planning on releasing it at the MalCon International Conference, which is held in India next week. He made the discovery while doing research for a project to subvert the Windows security model. Peter has also discovered Bootkits for Windows XP, Windows Vista, Windows 7 and Windows Server 2003 in his past work.

To date, he’s managed to start the Bootkit from USB/CD, which the UEFI is meant to prevent. Once the Bootkit infected the system, he was able to bypass the UAC (User Account Control), which enables it to run. It also patches the OS’s password feature, which means a hacker can log on with any password.

However, Kleissner claimed that his exploit doesn’t actually target the new Secure Boot feature (UEFI) directly. Instead, it attacks the legacy boot procedure. This also means that when Windows 8 machines hit the market and have UEFI built into them, they shouldn’t be vulnerable to this Bootkit. Instead, the vulnerable users will be those who have Windows 8 installed on a system that isn’t equipped with UEFI. Not many systems currently have UEFI, so this will leave pretty much every machine that upgrades from Windows 7 vulnerable to the Bootkit.

There is one thing though. We are lucky that this was discovered before Windows 8 was released and that it wasn’t discovered by a criminal organisation. Kleissner said that he has passed on all the details to Microsoft, along with what he suggests they do, so hopefully they’ll be able to patch up this exploit in no time.

