Vista hacked!!!

[Amaury B. F.]

Reports of a new threat to Microsoft's unreleased operating system 'Vista'
have already started. This new threat named only as 'Blue Pill' has already
managed to circumnavigate it's was around the major new feature in Vista,
its security.

Microsoft's new Vista operating system has been touted as their most secure
operating system to date. Microsoft has put a lot of time and effort in to
making this new operating system secure by giving it a "Security
Development Lifecycle" which aims to find 'all' security threats before
being released.

Microsoft has been after information like this to arise, as they attended
this year's Black Hat hacker conference last week prompting attending
hackers to do worst.
The Blue Pill works by bypassing Vista's integrity-checking process and
allows unsigned code to be loaded by the Vista kernel. By doing this it
allows Malware or unauthorised software to be used. Reports also say Blue
Pill is undetectable.

Reports now say Microsoft are happy with the information they have received
and are looking in to the process used by Blue Pill and hope to find a
solution to what could be a rather interesting problem on release.

The finder of the new hack Joanna Rutkowska a researcher for a firm called
COSEINC has made some suggestions on the best way to address this. I think
Microsoft will be all ears on that one!

http://itvibe.com/news/4116/

 

[JM Tella Llop [MVP Windows]]

Es triste, Pablo Lleo, que a una bella persona como Amaury lo falsificques.
Alguien que no te ha hecho absolutamente nada excepto ser amigo de Javi
Pardo. Curioso.

Por cierto, si tienes noticias mas recientes, al menos te lo agradeceremos.
Esa es de primeros de Agosto.

--
Jose Manuel Tella Llop
MVP - Windows
(e-mail address removed) (quitar XXX)
http://www.multingles.net/jmt.htm
news://jmtella.com

Este mensaje se proporciona "como está" sin garantías de ninguna clase,y no
otorga ningún derecho.

This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.

 

[Guest]

IIRC, Blue Pill relies at least partly on a processor-feature whose security
implications were not fully envisaged.

Nevertheless it underlines the fact that more complexity = less security -
or at least that the demands placed on security-measures increase
exponentially with system complexity. The sheer complexity of Vista, and
huge number of running processes, makes it very hard to tell IF the system
has been compromised. Blue Pill or no, there are simply too many
hiding-places for a manual Trojan-search to be feasible, and I see this being
a big issue for people supporting Vista.

We see plenty people in here knocking Windows 95/98 for 'not having
security' ... but in many ways their security was better, since with their
relatively simple architecture, an impostor-process was much easier to spot.

Oh, and this should really be in the Vista groups, of course.

 

[Rick]

Reports of a new threat to Microsoft's unreleased operating system 'Vista'
have already started. This new threat named only as 'Blue Pill' has already
managed to circumnavigate it's was around the major new feature in Vista,
its security.

Microsoft's new Vista operating system has been touted as their most secure
operating system to date. Microsoft has put a lot of time and effort in to
making this new operating system secure by giving it a "Security
Development Lifecycle" which aims to find 'all' security threats before
being released.

Microsoft has been after information like this to arise, as they attended
this year's Black Hat hacker conference last week prompting attending
hackers to do worst.
The Blue Pill works by bypassing Vista's integrity-checking process and
allows unsigned code to be loaded by the Vista kernel. By doing this it
allows Malware or unauthorised software to be used. Reports also say Blue
Pill is undetectable.

Reports now say Microsoft are happy with the information they have received
and are looking in to the process used by Blue Pill and hope to find a
solution to what could be a rather interesting problem on release.

The finder of the new hack Joanna Rutkowska a researcher for a firm called
COSEINC has made some suggestions on the best way to address this. I think
Microsoft will be all ears on that one!

http://itvibe.com/news/4116/

Why should anyone be suprised? MS can not build an operating system
without any security flaws. It simply proves that the engineers who
built vista should have stayed in school longer.

Rick

 

[Edwin vMierlo]

Rick,

and I suppose you write operating systems yourself ?
.... completely safe, no security holes, no flaws

..... just wondering

rgds,
Edwin.