Andrew's ramblings

Is Vista really secure, it seems not

Tags: Windows Vista

Awhile ago I blogged how the firewall that comes with Windows XP and Vista is not very secure, and that the suer should look at a more secure alternative. Now it seems that Vista is comming under more flaws than people are claiming. One of the biggest things that Vista is claiming is how secure this OS is, but in reality it isn't as secure as people (Microsoft that is) are claiming. Microsoft awhile ago introduced a concept called digital signing, what that means is this and I quote from Microsofts own website.

Digital signatures allow administrators and end users who are installing Windows-based software to know whether a legitimate publisher has provided the software package.

Now the problem lies, in a hack found during the beta stages of Vista and is still know to apply today. And that problem highlights that at every stage in the booting process on Vista works on faith (blindly if you want to put it that way), that everything prior to the booting process of Vista has run cleanly.

So how does this effect Vista you ask?

It seems that the boot kit is able to copy itself into memory, even before vista is installed and capture interupt 13, which as everyone knows operating systems use for read access to sectors of hard drives among other things.

So what this means is that it is possible the "boot kit" can manage to run with kernel privileges and issue system rights to a CMD shell when running on Vista, even without a Microsoft signature.

For a full article, please read this article From root kit to boot kit

I guess as time goes on we are going to know the full extent that this software was rushed out the door, how full of flaws and bugs it is. I have personally come across many KB articles relating to alpha and beta stages that still effect Vista today, some of these are security issues but mainly they are bugs with other Microsoft applications.
Tweet