Security researcher to reveal how to root Windows 8

Kleissner, an Austrian security researcher, reportedly has a court appearance in mid-December regarding the Stoned Bootkit he revealed in the summer of 2008 at the BlackHat security event in Las Vegas.

The bootkit for Windows 8 could be quite a breakthrough, Infosecurity notes, as it effectively means that root level access could be gained to the new operating system before the kernel code of the OS is loaded.

According to the Ars Technica newswire, Kleissner’s exploit allegedly defeats the security features of Windows 8's new boot loader although, interestingly enough, the Austrian researcher told the newswire that the exploit does not – as you might expect - target the Unified Extensible Firmware Interface (UEFI) feature of Win8, but instead uses a legacy BIOS approach.

“Kleissner said he has shared his research and paper and the paper he plans to present, `The Art of Bootkit Development,’ with Microsoft,” notes the wire.

In his Twitter feed on plans for MalCon Mumbia, Kleissner said that the new bootkit – Stoned Lite – is just 14 kilobytes large, and executes from a USB stick or disk drive as appropriate.

Ars Technica, meanwhile, says that Windows 8's boot loader has added a number of security features to prevent malware and security breaches - including a measure that requires any software loaded at boot time to be authenticated with a valid digital signature.

“Microsoft advertised this feature as a malware killer, because it would, in theory, block any unsigned software from loading into memory before start-up. But the new boot loader has caused concern in the open-source world, because Linux distributions such as Red Hat and Ubuntu don't come with a digital signature,” says the wire.



What’s hot on Infosecurity Magazine?