Open Source Vbootkit 2.0 Attack Tool for Windows 7
Windows 7 Release Candidate is now out and available for public download, and so is the open source attack tool Vbootkit 2.0 created by security researchers Vipin Kumar and Nitin Kumar. The source code of the attack tool has been released under a General Public License (GPL), meaning that anyone can now use it to compromise the Windows 7 operating system.
With Vbootkit 2.0, an attacker could take full control of the OS because there is a design problem within Windows 7. According to its developers, there is no fix for this exploit simply because it is a design issue (as mentioned before). The upside is that the exploit only works if the attacker has physical access to the targeted machine – the exploit cannot be used remotely.
“It hooks the basic hard disk reading mechanism, the INT 13h method, then waits for read requests. When it finds a known signature, it patches the file in memory and the process continues till we reach the kernel,” explained Vipin Kumar for eWeek. In layman’s terms, Vbootkit 2.0 takes control of the Windows 7 OS when the operating process boots up by “making changes to Windows 7 files that are loaded into the system memory during the boot process”.
Microsoft has responded with the following statement: “If one has this kind of unrestricted access, one can do many things to compromise the system. BitLocker, in addition to data encryption, can also help protect against physical-access attacks with its secure-boot technology. The feature uses a Trusted Platform Module (TPM 1.2) to help ensure that a PC running Windows 7 has not been tampered with while the system was offline.”
That may be true, but the thing is that TPM and BitLocker are only available on high-end versions of Windows 7, mainly Windows 7 Enterprise and Windows 7 Ultimate.
If you would like to get the Vbootkit 2.0 source code, a download location is available here.
Tags: Microsoft, Windows 7, Vbootkit 2.0, Attack tool
With Vbootkit 2.0, an attacker could take full control of the OS because there is a design problem within Windows 7. According to its developers, there is no fix for this exploit simply because it is a design issue (as mentioned before). The upside is that the exploit only works if the attacker has physical access to the targeted machine – the exploit cannot be used remotely.
Advertising
“It hooks the basic hard disk reading mechanism, the INT 13h method, then waits for read requests. When it finds a known signature, it patches the file in memory and the process continues till we reach the kernel,” explained Vipin Kumar for eWeek. In layman’s terms, Vbootkit 2.0 takes control of the Windows 7 OS when the operating process boots up by “making changes to Windows 7 files that are loaded into the system memory during the boot process”.
Microsoft has responded with the following statement: “If one has this kind of unrestricted access, one can do many things to compromise the system. BitLocker, in addition to data encryption, can also help protect against physical-access attacks with its secure-boot technology. The feature uses a Trusted Platform Module (TPM 1.2) to help ensure that a PC running Windows 7 has not been tampered with while the system was offline.”
That may be true, but the thing is that TPM and BitLocker are only available on high-end versions of Windows 7, mainly Windows 7 Enterprise and Windows 7 Ultimate.
If you would like to get the Vbootkit 2.0 source code, a download location is available here.
Tags: Microsoft, Windows 7, Vbootkit 2.0, Attack tool
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 28 May 2012
Mozilla introduced a new program meant to educate millions of people, the Mozilla Webmaker program.
By George Norman on 26 May 2012
Piriform updated its products, making CCleaner less annoying and Defraggler a lot faster.Related News
By George Norman on 27 Mar 2012
The freeware application Color Desker takes the wallpaper changing functionality the Windows 7 operating system has to offer and takes it to the next level
By George Norman on 08 Dec 2011
Christmas enthusiasts have already taken out the decorations out of storage and decorated their homes even though there’s still a bit of time until Christmas. They may also want to decorate their desktop with
By George Norman on 16 Jan 2012
January 23rd marks the Chinese New Year and the start of the Year of the Dragon. According to the Chinese zodiac 2012 is the year of the Water Dragon
By George Norman on 14 Dec 2011
Earlier this month I invited you to check out some very nice Christmassy themes you could use to decorate your computer. Since then I’ve gotten some comments from some “Grinchy” friends who Advertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Open Source Vbootkit 2.0 Attack Tool for Windows 7
HTML Linking Code
HTML Linking Code