While Microsoft talked up Windows Vista security at Black Hat, a researcher in another room demonstrated how to hack the operating system. Joanna Rutkowska, a Polish researcher at Singapore-based Coseinc, showed that it is possible to bypass security measures in Vista that should prevent unsigned code from running.<\/p>\n
And in a second part of her talk, Rutkowska explained how it is possible to use virtualization technology to make malicious code undetectable, in the same way a rootkit does. She code-named this malicious software Blue Pill. “Microsoft is investigating solutions for the final release of Windows Vista to help protect against the attacks demonstrated,” a representative for the software maker said. “In addition, we are working with our hardware partners to investigate ways to help prevent the virtualization attack used by the Blue Pill.”<\/p>\n
“The fact that this mechanism was bypassed does not mean that Vista is completely insecure. It’s just not as secure as advertised,” Rutkowska said. “It’s very difficult to implement a 100 percent-efficient kernel protection.” To blog the attack, however, Vista needs to be running in administrator mode, Rutkowska acknowledged. That means her attack would be foiled by Microsoft’s User Account Control, a Vista feature that runs a PC with fewer user privileges. UAC is a key Microsoft effort to prevent malicious code from being able to do as much damage as on a PC running in administrator mode, a typical setting on Windows XP.<\/p>\n","protected":false},"excerpt":{"rendered":"
While Microsoft talked up Windows Vista security at Black Hat, a researcher in another room demonstrated how to hack the operating system. Joanna Rutkowska, a Polish researcher at Singapore-based Coseinc, showed that it is possible to bypass security measures in Vista that should prevent unsigned code from running. And in a second part of her […]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[24,37],"tags":[],"class_list":["post-58","post","type-post","status-publish","format-standard","hentry","category-security","category-windows-vista"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t