Security researcher defeats Windows 8 secure boot

[iPanik]

At the upcoming MalCon security conference in Mumbai, Austrian independent developer and security analyst Peter Kleissner is scheduled to release the first known "bootkit" for Windows 8—an exploit that is able to load from a hard drive's master boot record and reside in memory all the way through the startup of the operating system, providing root access to the system. The exploit allegedly defeats the secure boot features of Windows 8's new Boot Loader. Kleissner will also present a paper called "The Art of Bootkit Development."

http://arstechnica.com/business/news/2011/11/security-researcher-defeats-windows-8-secure-boot.ars

 

[iPanik]

that didn't take long.

 

[Ink]

Reading the comments are interesting too.

 

[Hungry Man]

The dev version doesn't even have secureboot.

And this article doesn't say anything about beating Win8's UEFI boot (other than that he's said it does.) Only Win7 and previous versions have been shown vulnerable. So far it's just a claim.

 

[Valentin N]

malware creators will always find ways. I think Microsoft needs to employ some hackers since hackers sees what microsoft doesn't

 

[Hungry Man]

They do.

The issue is that solving problems is not always as easy as finding them.

 

[win7holic]

right? what I say.
malware writers will try to find vulnerable. although the OS has been making new features.
and, now? already see vulnerable of Windows 8.

 

[jamescv7]

Well on that case Microsoft would have time to tighten more security beyond on researchers that found a bypassed.

 

[moonshine]

It was tried on the Dev Version which doesn't have Secure Boot and yes it was a claim, The people needs solid evidences to proof the statement. So far, I don't believe in this one.

 

[AyeAyeCaptain]

Why don't they do what google do as well, pay.... shocked to see (I believe it) Win 8 been rocked so soon! Thanks for the interesting read iPanik

 

[Valentin N]

right? what I say.
malware writers will try to find vulnerable. although the OS has been making new features.
and, now? already see vulnerable of Windows 8.

It's better if most of the vulnerabilities are seen during the developments/beta testing. Microsoft needs to have employ bad hacker not the good ones.

OFFTOPIC

---

The word hacker has a good meaning originally. I will quote my book, so I will edit this post.

---

 

[win7holic]

oh. Yes. you are right, Valen
we'll see, in the final release.