Windows 7: Security Leak for W7 (already !)

24 Apr 2009   #1
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 
Security Leak for W7 (already !)

Hi all
This looks an interesting find although it represents a problem when they used a Virtual Machine but this sort of stuff could possibly work on a REAL machine as well.

It works on the basis that W7 assumes the Boot process is safe. This is where AV software has a problem since the OS has to START before the AV software (or anything) can run. -- Or at least the kernel must load enough of itself to allow an application program (the AV software for example) to be loaded and executed -- too late by then.

Windows 7 hack opens OS to attackers News - PC Advisor

Not yet in reality but still it's a possible warning for Security to be tightened up yet again.

Cheers
Jimbo


24 Apr 2009   #2
Digger

XP/win7 x86 build 7127
 
 

While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely.

VBootkit 2.0, which is just 3KB in size, allows an attacker to take control of the computer by making changes to Windows 7 files that are loaded into the system memory during the boot process. Since no files are changed on the hard disk, VBootkit 2.0 is very difficult to detect, he said.




A good way to tighten this up would be to initialize a (BIOS) system boot password.... then tie a chain around it, attach an anchor, then throw overboard
24 Apr 2009   #3
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

This sort of stuff could easily be installed on a computer by running any old application in a Browser.

How many people on this site still use those online Driver scanners or Registry cleansers without 100% checking? Even a single program run from a browser like Check your IP can install "unwanted" stuff.

However blocking Browsers is not the easiest task in the world -- most users want to USE their computers conveniently - not jump through hoops to get an application to work -- and with emphasis on "Content delivery" and "The Cloud" more and more applications will have to be "Browser enabled".

It's easier securing a "Static OS" -- much more difficult when you are in a highly dynamic environment and have the potential resources of the entire web available for "hacking".

Anyway that's what the Security guys are paid to do -- fix this stuff.

Cheers
jimbo.

24 Apr 2009   #4
LePoilu

Vista H.P. SP1 x32 Seven RC x64
 
 

Quote: Originally Posted by jimbo45
This sort of stuff could easily be installed on a computer by running any old application in a Browser.

Quote:
For the attack to work, an attacker must have physical access to the victim's computer

Everything cannot be "easily installed" via the web browser. And as far as I know Seven uses IE8 with protected mode by default... (and other browsers are not less secure... nobody will install IE6 on Seven!) So it would be hard to make an attack which needs physical access via the web browser on Seven.

This kind of attack is like hacking the BIOS of your computer before the OS boots... really hard to do remotely
24 Apr 2009   #5
zZanthraXx

Windows 7 (7127)
 
 

If you have to physically access a computer to put malware on it - why don't you just steal the computer?
24 Apr 2009   #6
LePoilu

Vista H.P. SP1 x32 Seven RC x64
 
 

Quote: Originally Posted by zZanthraXx
If you have to physically access a computer to put malware on it - why don't you just steal the computer?

'Cause you're 007 and you don't have a place in your Aston Martin
24 Apr 2009   #7
zZanthraXx

Windows 7 (7127)
 
 

I am 007.