Researchers Show How to Take Control of Windows 7

[ Stefan Markic @ 24.04.2009. 13:46 ] @

Vidim da se digla ogromna halabuka oko ovoga:

Citat:

"There's no fix for this. It cannot be fixed. It's a design problem," Vipin Kumar said, explaining the software exploits the Windows 7 assumption that the boot process is safe from attack.

Medjutim...

Citat:

While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely.

Wow. :)

[ Ivan Dimkovic @ 24.04.2009. 13:50 ] @

Citat:

VBootkit 2.0, which is just 3KB in size, allows an attacker to take control of the computer by making changes to Windows 7 files that are loaded into the system memory during the boot process. Since no files are changed on the hard disk, VBootkit 2.0 is very difficult to detect, he said.

U pitanju je nekakav boot-kit koji on-the-fly patchuje memoriju kernela tako sto trci kao hypervisor...

Ne vidim zasto je ovo ekskluzivno za Win7 - ili bilo koji Win OS, ovo isto moze da se uradi sa bilo kojim OS-om na danasnjim modernim PC racunarima.

Resenje protiv toga je vrlo jednostavno - zove se BIOS password i zabrana boot-a sa bilo cega drugog osim boot particije na hard disku.

Bez te zastite, uvek je moguce boot-ovati se sa USB sticka, i kompromitovati bilo kakav OS uz pomoc virtualizacije koja je danas hardverski dostupna na maltene svim modernim procesorima.

Otkrili ljudi toplu vodu, i jako lepo iskoristili W7 buzz za svoj marketing.

Pitam se ko placa takve "researcher-e"

[ Srđan Pavlović @ 24.04.2009. 16:36 ] @

^slazem se, ma ovo nije nikakav hack

Citat:

VBootkit 2.0, which is just 3KB in size, allows an attacker to take control of the computer

Isto tako je mogao da digne sistem sa bilo kog live linux-a i zameni ntloader.exe sa cim mu se digne,
kad vec ima fizicki pristup masini + mogucnost da na toj masini bootuje sta oce ;)

Sve sto ukljucuje fizicki pristup masini, veze nema sa hakovanjem, bar sto se mene tice :)

[ Mitrović Srđan @ 25.04.2009. 02:41 ] @

Jbt neki likovi stvarno nemaju granica....