Windows 7 Windows 7 vulnerabilty or good thing...

Discussion in 'Windows News' started by kevin from Chi-town, Apr 24, 2009.

  1. kevin from Chi-town

    Joined:
    Jan 11, 2009
    Messages:
    714
    Likes Received:
    8
    Researcher show how to take control of a pc w/win 7 upon boot. Interesting article.


    Researchers show how to take control of Windows 7 - Network World

    However I see this is a different way. Since the administrator has a finite number of rights and "system" is root, well then one could use this to have full control of your pc or in other word, you could be root.
     
    whoosh and (deleted member) like this.
  2. whoosh

    whoosh Cooler King
    Staff Member Premium Supporter

    Joined:
    Apr 15, 2009
    Messages:
    25,716
    Likes Received:
    380
    You have to have actual access to the computer so it can not be done remotely . Guess that would narrow down the culprit situation :)
     
  3. john3347

    john3347 Extraordinary Member
    Premium Supporter

    Joined:
    Jan 12, 2009
    Messages:
    1,023
    Likes Received:
    36
    Co-workers beware

    Is this vulnerability a situation in which a co-worker (working a different shift from you) could gain access to your computer and do some serious sabotage while you are not present? This could be a big problem!
     
  4. whoosh

    whoosh Cooler King
    Staff Member Premium Supporter

    Joined:
    Apr 15, 2009
    Messages:
    25,716
    Likes Received:
    380
    Yes that would be a likely scenario . You would hope to trust your co-workers but if you are dealing with sensitive data and enough money is offered who can say ?
    That is the worst case scenario .

    Good luck hope that has helped you a little :)

    Make sure you have a password not easy to crack . Dont leave your computer open too abuse .

    Always good stuff = you rocks ;)
     
    #4 whoosh, Apr 28, 2009
    Last edited: Apr 28, 2009
    john3347 and (deleted member) like this.
  5. john3347

    john3347 Extraordinary Member
    Premium Supporter

    Joined:
    Jan 12, 2009
    Messages:
    1,023
    Likes Received:
    36
    I didn't peruse the article in detail and I may not fully understand the procedure described. I read it to say that this hack bypasses any passwords that are in place making the intrusion not affected by passwords no matter how strong.. Did I misread this point? If my understanding of the procedure is close to correct, a coworker could easily steal research material, etc from another. The bonuses and promotions that could result from such activity is certainly enough motivation for many, many employees. Will it become necessary to encrypt sensitive material to a flash drive and take it home with you? Bitlocker does come with Enterprise and Ultimate editions of W-7. Maybe this is a Microsoft ploy to move businesses all the way to the top (in cost) editions of the OS. I remember several years ago I "sneaked" into the company computer and got the salaries/wages of everyone that worked there. (Several people got a handsome raise as a result.) Might this vulnerability allow something like this happen again in spite of the many times better security employed by businesses today? This hole seems to be a severe security issue to me. and not to be taken lightly in many environments.

    Also, as Kevin points out, would it not allow an individual client user to have full control of their machine in violation of network and company policy?

    "The software can also able remove a user's password, giving an attacker access to all of their files. Afterwards, VBootkit 2.0 restores the original password, ensuring that the attack will go undetected. "
    The IDG News Service is a Network World affiliate.



    Yes, I thought I remembered reading something like this. This sounds to me like a VERY serious threat to the business community.


    I think the author of the subject article couldn't decide whether they wanted to say "can also remove" or "is also able to remove", or "can also be able to remove" and kinda jumbled things up on this first sentence here.
     
    #5 john3347, Apr 28, 2009
    Last edited: Apr 28, 2009
  6. whoosh

    whoosh Cooler King
    Staff Member Premium Supporter

    Joined:
    Apr 15, 2009
    Messages:
    25,716
    Likes Received:
    380
    Your right they can overide the password ! Few traces left of the attack so hard to detect .
    Any computer becomes an open book if running windows 7 ! Think MS will need to do something fast or business take up might be very limited !
     
    #6 whoosh, Apr 29, 2009
    Last edited: Apr 29, 2009
  7. davehc

    davehc Microsoft MVP
    Premium Supporter Microsoft MVP

    Joined:
    May 1, 2008
    Messages:
    5,116
    Likes Received:
    301
    I read through the article a couple of times to try and get the purpose - and failed. (I'm getting too old!!)
    If I had physical access to someones computer I would, like many average users, find it easy to bypass the OS password and have access to any files therein. Did I misunderstand something?
     
  8. whoosh

    whoosh Cooler King
    Staff Member Premium Supporter

    Joined:
    Apr 15, 2009
    Messages:
    25,716
    Likes Received:
    380

    The latest version of VBootkit includes the ability to remotely control the victim's computer. In addition, the software allows an attacker to increase their user privileges to system level, the highest possible level. The software can also able remove a user's password, giving an attacker access to all of their files. Afterwards, VBootkit 2.0 restores the original password, ensuring that the attack will go undetected. .

    It does sound very bad indeed a major flaw in the OS .

    Vbootkit 2.0: Attacking Windows 7 via Boot Sectors

    This talk will introduce a new tool which allows attacks against Windows 7 via boot sectors. In this talk we will demo Vbootkit 2.0 in action and show how to bypass and circumvent security policies / architecture using customized boot sectors for Windows 7 (x64). The talk will cover:

    () Windows 7 Boot architecture
    () Vbootkit 2.0 architecture and inner workings
    () insight into the Windows 7 minkernel

    We will also demonstrate:

    () The use of Vbootkit in gaining access to a system without leaving traces
    () Leveraging normal programs to escalate system privileges
    () Running unsigned code in kernel
    () Remote command & Control

    All this is done, without having any footprint on the HDD (everything is in memory). It also remains invisible to all existing anti-virus solutions.

    Vbootkit 2.0 Attacking Windows 7 (x64) via Boot Sectors
    Posted by Webmaster in Projects at 15:49

    I am a home user so feel fairly secure this way . Is that a false sense of security ?
    For the business community things look very insecure running windows 7 . Am I being an alarmist ?
    What are your thoughts on this ?
     
    #8 whoosh, Apr 29, 2009
    Last edited: Apr 29, 2009
  9. davehc

    davehc Microsoft MVP
    Premium Supporter Microsoft MVP

    Joined:
    May 1, 2008
    Messages:
    5,116
    Likes Received:
    301
    Still not with it!
    There seems to be a contradiction in the article?

    "While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely. "

    and then:

    "The latest version of VBootkit includes the ability to remotely control the victim's computer. In addition, the software allows an attacker to increase their user privileges to system level, the highest possible level. The software can also able remove a user's password, giving an attacker access to all of their files. Afterwards, VBootkit 2.0 ..... "

    But, in any case, why single out poor old Windows 7. It looks to me as if it would work on any OS as it loads with the root.
     
    #9 davehc, Apr 29, 2009
    Last edited by a moderator: Apr 29, 2009
  10. whoosh

    whoosh Cooler King
    Staff Member Premium Supporter

    Joined:
    Apr 15, 2009
    Messages:
    25,716
    Likes Received:
    380
    Must admit when I first posted this it was without much thought . Just an article of some interest . Now having perused it more closely it looks extremely serious . A major flaw in the OS . As you have said it may work on other windows not just 7 not sure about that . I have a busy day but will certainly look into it mor closely as time allowes .
    VBootkit 2.0 Could be modifies to make a :
    PXE (Pre-Boot Execution Environment) boot virus, or a normal boot virus. As a result, NVLabs plans to keep the VBootkit 2.0 code under wraps. "We don't have any plans to make it open source, due to chances of misuse," he said.

    Only the high end win7 OS will have inbuilt encryption . How many folks will bother to ensure there puters are secure b4 nipping out for a sandwich etc ?
    Only got too watch the news to know how lax security can be even at the highest levels of goverment .

    That will leave most windows 7 users without a safety net because they wont have the encryption .
    Then again is this a fuss about nothing ? Must admit to being confused about this whole issue .
     
    #10 whoosh, Apr 29, 2009
    Last edited: Apr 29, 2009

Share This Page

Loading...