Here's a scarey thought.

[holo88]

Here's a scarey thought. -Nothing to FEAR!

Windows 7, despite all the sophistication and rich services that millions are wondering about already, has that old bone of contention that Microsoft, surprisingly never took care of. When after a sluggish Windows Vista, we thought that Windows 7 may be the saviour, it can come as an anticlimax for Microsoft fanboys that Windows 7 was hacked from the boot process with only a 3 KB file by two researchers. If you are surprised, perplexed, out of your mind and ridiculing the whole truth, here is the catch, according to them...

"There's no fix for this. It cannot be fixed. It's a design problem"

...

full article: Windows 7 Hacked in Seconds with a 3KB File

this is a bit dated (April 24th, 2009). i found it, while routing through wallpapers on google.

discuss?
​

 

[LFB]

If you are wondering what this software can do, here are two cents for you.

1. the software allows an attacker to increase their user privileges to system level, the highest possible level.
2. You can delete and modify a user's password from his account and give it to someone else and subsequently play with his personal settings.

This is how secure Windows 7 is. Good luck.

this is really bad news...:shock:

 

[Pr0v1d3r]

While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely.

Nothing to worry about.

 

[VeeEss]

I'm not worried and here's why:
Based on their claims, the supposed vulnerability would clearly be a rootkit attack on the MBR. Since it is supposedly not modifying any existing files (hence rootkit) it must be loaded by the operating system itself. The OS could then be modified to include exclusions preventing said attack. Thus not a design problem, and certainly fixable. Microsoft would surely have gotten wind of this by recent builds and included such a set of exclusions by now.

 

[LFB]

but.. is this possible to come integrated with the ISO file?

 

[VeeEss]

A fixed version of 7?
Yes, if it is a real threat and MS fixed it.

A VBootkit loaded 7?
Not if you get an ISO with a correct hash

 

[DJG]

You'd think if it was that basic somebody would've come up with more examples & cases, maybe hired by the Apple & Linux camps .

 

[Generator]

They aren't on about an ISO though, the artical is on about Virtual Machines.

 

[VeeEss]

You'd think if it was that basic somebody would've come up with more examples & cases, maybe hired by the Apple & Linux camps .

Absolutely - there is no credibility to that article, it's inducing trust by invoking fear. Additionally, they are making contradicting claims.

Guess what people, I hacked Windows 7 with a 2 kb file! And I did it remotely! I didn't even need the IP Address!

 

[holo88]

Nothing to worry about.

unless you work in an office building, with a disgruntled janitor, who happens to be tech-savy.

<-- ex-disgruntled janitor, with such talent

 

[YupYup]

Why oh why do people keep posting about this.

 

[holo88]

Why oh why do people keep posting about this.

why not? it's relevant, isn't it?

 

[VeeEss]

Not once it's been shown not to be.

 

[holo88]

ah ha.... beating a dead horse, was I? my bad

i changed the tags accordingly

 

[fakeasdf]

Yeah, I can hack most OS's just as fast without a file... Just grab the hard drive, WTF now!! w00t... If I remember correctly from reading about this it had to do with loading stuff into the memory while Windows was starting... Which require you to modify the boot, which would require you to actually be at the computer, which means I might as well jack the hard drive...

 

[VeeEss]

Ha! Nice tags.

BTW, I am a pro at the pull-the-hard-drive hack. If anyone needs a how-to, PM me. J/K don't PM me. EVER.

 

[DJG]

ah ha.... beating a dead horse, was I? my bad

i changed the tags accordingly

If its any consolation, it was new for me .

 

[septprince]

I far as i know about it home user dont have to worry because it cannot exploited remotely. The tool kit can hack windows by changing data(any kind of) in the memory during boot time thus gaining access.


And office users you dont have worry also keep your computer in a safe.:roflmao:

 

[Chappy]

Which require you to modify the boot, which would require you to actually be at the computer,

Exactly...this exploit requires the hacker to be physically at the console to do this, so unless folks welcome malicious hackers over for beer & cookies allot, this is a non-issue

 

[itznfb]

wow... an exploit in Windows7 that's in EVERY OS EVER MADE.
this thread is fail