Hackers demonstrate how to access Windows Vista

Inspired by Symantec's second report on Windows Vista vulnerabilities, a security researcher at the Black Hat conference in Las Vegas publicly demonstrated how to break the Vista kernel.

Joanna Rutkowska, a senior security research expert from COSEINC in Singapore, will demonstrate how to avoid operating system security and insert malware into the system through conceptual verification. This is not a fantasy. Attackers can bypass the system security mechanism by directly adding the digital identification code loaded into the Vista kernel.

In his demonstration, Rutkowska will disable Vista's identity check tool, providing a way for malware to run in kernel mode. In this way, the sniffer, keyboard recorder, and backdoor Trojan can find a way to access the basic services of Vista, and open the door to remote control of this machine from the underlying operating system.

"When the attack succeeds, attackers need to find a feasible method to force interesting kernel code to be paged, and then discover and modify the code in a page file. In the end, the kernel needs to load the code again (which has been modified now) into the physical memory and execute it, "Rutkowska explained. "The concept validation code I implemented solves all the challenges in practical use ." Rutkowska condemned Microsoft's operating structure vulnerabilities and described the fact that the ability of a pattern application to enter the underlying disk sector is simply a design issue.

In conclusion, the researchers also noted that she was deeply impressed by the comprehensive performance of Windows Vista and how the operating system balances security and functionality.

Related Articles]

• Microsoft released security update 3/4 to fix critical vulnerabilities.

• Microsoft: Windows is the operating system with the least Vulnerabilities