Security Leak for W7 (already !)

    Security Leak for W7 (already !)


    Posted: 24 Apr 2009
    Hi all
    This looks an interesting find although it represents a problem when they used a Virtual Machine but this sort of stuff could possibly work on a REAL machine as well.

    It works on the basis that W7 assumes the Boot process is safe. This is where AV software has a problem since the OS has to START before the AV software (or anything) can run. -- Or at least the kernel must load enough of itself to allow application program (the AV software for example) to be loaded and executed -- too late by then.

    Windows 7 hack opens OS to attackers News - PC Advisor

    Not yet in reality but still it's a possible warning for Security to be tightened up yet again.

    Cheers
    Jimbo
    jimbo45's Avatar Posted By: jimbo45
    24 Apr 2009



  1. Posts : 995
    XP/win7 x86 build 7127
       #1

    While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely.

    VBootkit 2.0, which is just 3KB in size, allows an attacker to take control of the computer by making changes to Windows 7 files that are loaded into the system memory during the boot process. Since no files are changed on the hard disk, VBootkit 2.0 is very difficult to detect, he said.




    a good way to tighten this up would be to initialize a (bios) system boot password.... then tie a chain around it, attach an anchor, then throw overboard
      My Computer


  2. Posts : 5,941
    Linux CENTOS 7 / various Windows OS'es and servers
    Thread Starter
       #2

    This sort of stuff could easily be installed on a computer by running any old application in a Browser.

    How many people on this site still use those online Driver scanners or Registry cleansers without 100% checking. Even a single program run from a browser like Check your IP can install "unwanted" stuff.

    However blocking Browsers is not the easiest task in the world -- most users want to USE their computers conveniently - not jump through hoops to get an application to work -- and with emphasis on "Content delivery" and "The Cloud" more and more applications will have to be "Browser enabled".

    It's easier securing a "Static OS" -- much more difficult when you are in a highly dynamic environment and have the potential resources of the entire web available for "hacking".

    Anyway that's what the Security guys are paid to do -- fix this stuff.

    Cheers
    jimbo.
      My Computer


  3. Posts : 234
    Vista H.P. SP1 x32 Seven RC x64
       #3

    jimbo45 said:
    This sort of stuff could easily be installed on a computer by running any old application in a Browser.

    For the attack to work, an attacker must have physical access to the victim's computer

    Everything can not be "easily installed" via the web browser. And As Far As I know Seven use by defaul IE8 with protected mode...(and other browser are not less secure.. nobody will install IE6 on Seven!) So it would be hard to make an attack which need physical access via the web browser on seven.

    This kind of attack is like hacking the Bios of your computer before the OS boot... really hard to do remotly
      My Computer


  4. Posts : 68
    Windows 7 (7127)
       #4

    If you have to physically access a computer to put malware on it- why dont you just steal the computer?
      My Computer


  5. Posts : 234
    Vista H.P. SP1 x32 Seven RC x64
       #5

    zZanthraXx said:
    If you have to physically access a computer to put malware on it- why dont you just steal the computer?
    Cause you're 007 and you don't have place in your Aston Martin
      My Computer


  6. Posts : 68
    Windows 7 (7127)
       #6

    I am 007.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 02:00.
Find Us