While Microsoft talked up Windows Vista security at Black Hat, a researcher in another room 
demonstrated how to hack the operating system. Joanna Rutkowska, a Polish researcher at Singapore-based Coseinc, showed that it is possible to bypass security measures in Vista that should prevent unsigned code from running.
And in a second part of her talk, Rutkowska explained how it is possible to use virtualization technology to make malicious code undetectable, in the same way a rootkit does. She code-named this malicious software Blue Pill.
"Microsoft is investigating solutions for the final release of Windows Vista to help protect against the attacks demonstrated," a representative for the software maker said. "In addition, we are working with our hardware partners to investigate ways to help prevent the virtualization attack used by the Blue Pill." Vista hacked at Black Hat | CNET News.com
From around the Web
- Windows Vista Service Pack 2 Latest Release Schedule
- Vista SP2: What is inside?
- NetWitness releases free version of security software
- Three Reasons Why Users Won’t Buy Into Security
- Automated security testing & its limitations
- Google Wants to Preinstall Chrome Browser on PCs
- Mozilla warns of Firefox China add on
- Firefox No Longer an Automatic Defense Against Browser Drive Bys
- Google patches Chrome file stealing bug
- Apple plays catch up, adds anti fraud safeguard to Safari
- Researchers find vulnerability in Windows Vista
- How to Use Network Behavior Analysis Tools
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Windows 7 UAC could be less of a nag