Printed from http://www.electronista.com

Security team shows unfixable Windows 7 hack

updated 01:40 pm EDT, Thu April 23, 2009

Windows 7 hack program

At the Hack In The Box (HITB) Security Conference in Dubai on Thursday, security researchers demonstrated how software they developed can already take advantage of a design problem with the upcoming Windows 7 operating system, allowing them to hack into the system. VBootkit 2.0, created by researchers Vipin Kumar and Nitin Kumar, was used to demonstrate how hackers can take control of a Windows 7 computer while it's booting up. Unlike most exploits, though, the attack is said inherent to Windows 7 and may likely remain with the OS until it's replaced.

"There's no fix for this. It cannot be fixed. It's a design problem," Vipin said, though the attack cannot be done remotely and requires that hackers have physical access to a PC.

The program is just 3KB big and lets attackers change files that are loaded into system memory during the boot process. Because nothing is changed on the hard disk itself, VBootkit 2.0 is hard to detect, Vipin says. Also, rebooting the computer gets rid of the security issue, as system memory is cleared during the process.

Via the software, hackers can remotely control the targeted computer and change their access level to the highest possible. Passwords can also be removed, letting hackers access a victim's files. What's more, the password is restored, so victims are unaware their security was breached.

As the name implies, VBootkit 2.0 is the second such program developed by Vipin and Nitin, as the original was demonstrated back in 2007 and exposed a vulnerability in Windows Vista.

Microsoft hasn't commented on the exploit. [via NetworkWorld]



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. climacs

    Forum Regular

    Joined: Sep 2001

    0

    Windows 8!!!

    Never fear, Windows 8 will be the bestest ever! Really, this time for sure!

    But seriously, is this a real threat? It requires physical access to the computer. There's all sorts of mischief which can be done if one has physical access to a targeted computer.

  1. climacs

    Forum Regular

    Joined: Sep 2001

    -4

    also...

    OK it loads when booting up. How does it help to re-boot, then? Even if it is cleared from system memory? Am I missing something here?

  1. Wingsy

    Fresh-Faced Recruit

    Joined: Apr 2005

    +4

    PhysicalAccessExploit

    C'mon guys. The attacker has to have physical access to the machine for this to work. You might as well come up with a story that Win7 machines are vulnerable to being picked up and carried away.

    The real stories are the remote exploits. More like those please.

  1. eldarkus

    Fresh-Faced Recruit

    Joined: Feb 2004

    -1

    Yup

    I came out with a great virus. It's pre-loaded on some RAM i have.. all I have to do is install the RAM in someone's machine and it's mine... as long as they dont restart it!!

  1. DeezNutts

    Fresh-Faced Recruit

    Joined: Apr 2008

    0

    wow


    With physical access you can rig a machine so that everytime it boots you 0wNz it!

    Who would have thought!???

    How is this even news?

  1. climacs

    Forum Regular

    Joined: Sep 2001

    0

    A new Windows virus

    I have created a trojan which can automatically create a new user account on a computer, delete any and all files, and direct a computer's browser to unsafe sites provided that it has physical access to a targeted computer.

    It's called 'a human being'.

  1. hayesk

    Professional Poster

    Joined: Sep 1999

    +10

    Corporate

    This flaw has big impact to corporate users where IT departments need to control the rights employees have on the machines. Imagine a disgruntled employee coming in early, booting up his coworkers' desktop PCs, installing spyware and gathering his coworkers' passwords and other data.

    This is a big deal.

  1. phpmaven

    Fresh-Faced Recruit

    Joined: Jan 2009

    -6

    Complete nonesense

    This is a non-issue. As others have said, this would require physically sitting at the PC and installing a root kit. Also any corporation worth it's salt is going to have it's PCs locked down so that nobody can just sit down and install a root kit.

  1. climacs

    Forum Regular

    Joined: Sep 2001

    -4

    I guess

    these guys had to justify the cost of going to Dubai in order to discuss computer security...

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -5

    how

    How does the software get in system memory to run if the system memory is wiped on boot?

    Sounds like one of those "If someone freezes the memory...." exploits.

    Hey, they're just lucky they didn't do this on a Mac. They'd been creamed. Although they technically didn't do it on a PC, either, they did it in a virtual machine.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Adesso Compagno X Bluetooth keyboard

The shift from typing on physical keyboards to digital versions on smartphones and tablets hasn't been an easy for many consumers. Fro ...

Polk Audio 4 Shot headset

Sound quality and design are two of the biggest areas of focus for manufacturers when coming up with a new gaming headset. Depending o ...

Patriot Supersonic Phoenix USB 3.0 drive

USB thumb drives aren't the end all solutions for data transfer and traveling needs. Sometimes people want something with a little mor ...

Sponsor

toggle

Most Commented

 
toggle

Popular News