10/20/2006

Microsoft Blocks Vista Rootkit Exploit

Filed under: — By Aviran Mordo @ 4:28 pm

Microsoft has blocked the attack vector used to slip unsigned drivers past new security policies being implemented in Windows Vista, according to Joanna Rutkowska, the stealth malware researcher who created the exploit.

Rutkowska, who demonstrated the exploit at the Black Hat conference in August, said she tested the attack against Windows Vista RC2 x64 and found that the exploit doesn’t work anymore.

“The reason: Vista RC2 now blocks write-access to raw disk sectors for user mode applications, even if they are executed with elevated administrative rights,” Rutkowska wrote on her Invisible Things blog.

Source: eWeek

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress