Members
  • Total Members: 12816
  • Latest: t114563
Stats
  • Total Posts: 28524
  • Total Topics: 8240
  • Online Today: 922
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: 'Unfixable' Windows 7 exploit created by security experts (VBootkit 2.0)  (Read 1304 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Windows 7 is quite possibly the most anticipated operating system at the moment; maybe even the most highly regarded one in the last few years, but that doesn't mean it comes without flaws. According to NetworkWorld, two security researchers have created an exploit for Windows 7 that they deem 'unfixable', which allows a hacker to take full control of a system.

The researchers, Vipin Kumar and Nitin Kumar, have named their exploit 'VBootkit 2.0', and they demonstrated it on a Windows 7 virtual machine. Kumar said, "There's no fix for this. It cannot be fixed. It's a design problem." This may sound dangerous, but it's not entirely as bad as some would think. The exploit cannot be used remotely; the attacker has to have physical access to the target machine. However, if they can get access, it could be devastating. The file clocks in at a mere 3KB, and "allows an attacker to take control of the computer by making changes to Windows 7 files that are loaded into the system memory during the boot process."

Be careful, though; the latest version of VBootkit (which isn't fully ready yet) would allow remote access, can remove a user's password, and gives an attacker the highest level of privileges. This gives someone access to all of a victim's files, which, as you can imagine, is very dangerous. When the victim's computer is restarted, access is removed, but can easily be gained again by running the software.

(NeoWin)

Samker's Computer Forum - SCforum.info





 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising