Can a Rootkit Be Certified for Vista?
Forget what Microsoft says about Vista being the most secure version of Windows yet. More to the point, what do the hackers think of it?
windows -
16.3.2007
Microsoft Watches as Windows Vista Gets '0wn3d' by Rootkit
Ben Fathi slipped into the darkened, standing-room-only conference room and took a seat on the carpeted floor.
windows -
5.8.2006
Microsoft Blocks Windows Vista Rootkit Exploit
Microsoft has blocked the attack vector used to slip unsigned drivers past new security policies being implemented in Windows Vista, according to Joanna Rutkowska, the stealth malware researcher who created the exploit.
windows -
21.10.2006
Sophos Anti-Rootkit 1.3 RC
The term rootkit is used to define a Trojan (or technology) used to hide the presence of a malicious object (process, file, registry key, network port) from the computer user or administrator.
download -
18.4.2007
DeepMonitor - Detect Hidden Process and Rootkit
A rootkit is a computer security threat designed to modify the core software components of the system, inserting code that attempts to hide the infection and provides some additional feature or service to the attacker.
download -
4.6.2008
Microsoft AntiSpy program will remove Sony's DRM Rootkit
From antimalware blog:
I've been getting a lot of questions in the last week about Microsoft's position on the Sony DRM and rootkit discussions, so I thought I'd share a little info on what we're doing here. We are concerned about any malware and its impact on our customers' machines. Rootkits have a clearly negative impact on not only the security, but also the reliability and performance of their systems.
microsoft -
14.11.2005
Microsoft Plans to Add Rootkit Detection to Windows Live OneCare
Windows Live OneCare is right on track to getting an anti-rootkit upgrade. Microsoft plans to add rootkit detection capabilities to its line of security products, but not only OneCare will be impacted by the change.
microsoft -
20.3.2008
How to Install Vista Language Packs MUI on all versions of Vista + video tutorial
Because of Microsoft licensing restrictions, the Windows Vista Home Basic, Vista Home Premium, and Vista Business versions can only keep one language!
download -
23.9.2008
The Vista Built-in Super Administrator Account Has Survived in Vista SP1
Windows Vista Service Pack 1 is designed to evolve the RTM version of the latest Windows client from Microsoft, made available in November 2006 to business customers, and in January 2007 to the general consumers.
windows -
15.2.2008
Vista SP1 Is Out, XP SP3 Old News, the Pink Edition of Vista Is In
Windows Vista Service Pack 1 is now nothing more than water under the bridge, now that the service pack was released to manufacturing on February 4, 2008, shipping to general users on March 18.
windows -
27.3.2008
Tell Hasta la Vista to XP - Time to Upgrade to Vista SP1
Like it or not, this is the right time not only to upgrade to Windows Vista Service Pack 1 but also to tell hasta la vista to Windows XP.
windows -
30.6.2008
Instant Change Vista Product ID with Vista ProductID Changer
In the past we have reviewed a number of applications to recover product keys, like Product Key Finder, WinGuggle, Windows product Key Finder.
download -
1.11.2009
Vista SP1 RC1 Flies Past Vista RTM and Windows XP SP2
Despite the fact that Microsoft has expressed its official position regarding testing Windows Vista Service Pack 1 ahead of its finalization, there is simply too much of a hunger for the service pack.
windows -
27.12.2007
Vista SP1 Won't Resolve the 4 GB RAM Limitation of 32-bit Windows Vista
32-bit Windows operating systems, and Windows Vista makes no exception whatsoever to this rule, are limited in terms of the amount of system memory that can be addressed to no more than 4 GB.
windows -
4.1.2008
Vista Loader 2.1.3 - Windows Vista Activator 2008 Support SP1 with No Boot String
Vista Loader is one of the most successful Vista activation cracks available to date, second only to physically modifying (hardmod) the BIOS to include a SLIC table to make the BIOS Vista activation-compliant.
download -
15.5.2008
x64 Vista SP2 JPG Rendering Performance Inferior to x86 Vista SP2's
The JPG rendering process on 64-bit flavors of Windows Vista Service Pack 2 is inferior to that on the 32-bit variants of the operating system.
windows -
10.6.2009
Microsoft to Kill the Grace Timer and OEM BIOS Windows Vista Cracks with Vista SP1
With the advent of Windows Vista, cracks designed to bypass the activation process of the operating system also became available.
windows -
4.12.2007
New Vista OEM Activation Hack - Vista Boot by gkend
Thanks to Steve Jobs for this article on his blog and to our forum members clecha, Nighthief and fitterphil120 for most of the findings. Once again the Chinese come up with a new method to trick out the Vista Activation. We have seen Softmode and VistaLoader, however Vista Boot by gkend does promise even more.
download -
21.5.2007
Windows Vista on Super Nintendo, As Real As Vista on PSP
We're puzzled and confused... How can a console that's at least ten times less powerful than the acclaimed PSP cope with Windows Vista's requirements?
windows -
15.8.2007
Vista RTM vs. Vista SP1 - Office 2007 benchmarking
Enough with benchmarking the OS - let's see if Office 2007 is any faster on Vista SP1.
windows -
26.2.2008
Microsoft Says Vista SP1 Needs to Speak the Same Language as Vista RTM
Microsoft says that Windows Vista Service Pack 1 needs to speak the same language as the RTM version of the latest Windows client. Otherwise there's no game.
windows -
2.4.2008
Vista SP1 to Cure the Vista RTM Wow Hangover
When Windows Vista was unleashed on January 31, 2008, Microsoft was promising performance, security, innovation, all wrapped up under an umbrella of a Wow user experience.
windows -
11.4.2008
Vista-For-Free coupon with Vista ready PC's
Microsoft and the world's leading PC vendors have reached an agreement to promote the long-awaited Vista OS by offering PC buyers worldwide a free upgrade coupon, as a way of encouraging them to buy a Vista-capable PC as early as possible, according to market sources, citing information leaked from Taiwan-based PC makers.
windows -
11.10.2006
Can Vista SP1 help polish Vista's tarnished image?
Call it complaining. Call it whining. The end result is the same: Windows Vista's image is tarnished. And it's corroding more and more rapidly as the weeks are going on. Thanks to pacpis for this news.
windows -
21.8.2007
Vista SP1 Features the Same Sins as Windows Vista
Windows Vista Service Pack 1 comes with the same sins as Windows Vista. The service pack is not even out the door, and is already putting users at risk.
windows -
16.1.2008
Will Vista SP1 Go Where Vista Never Went? Even with XP SP3 and Windows 7?
Throughout 2007, it became painfully clear to Microsoft that the main competitor for Windows Vista was not Apple's Mac OS X or even the open source Linux operating system but Windows XP, and, in fact, specifically XP SP2.
windows -
1.3.2008
New Vista AutoPatcher - Vista update toolkit Alpha
Vista Update Toolkit Alpha (Windows Vista Updates Downloader) is a FREE program which downloads updates directly from Microsoft. All files are very useful with vLite!
download -
26.9.2008
Vista SP1 Microsoft Could Not Have Given Less Vista SP2 Anyone?
Microsoft had the chance to position the first service pack for Windows Vista as a panacea for the operating system, giving the platform nothing less than a fresh start and another take at the Wow.
windows -
3.10.2007
Vista SP1 Rolling Over for Vista SP2
Vista SP1 did not do the trick for your RTM copy of the operating system? While such a scenario is highly unlikely, Microsoft is getting closer and closer to taking Windows Vista to the next level, again.
windows -
7.12.2008
Vista SP1: Indictment of Vista 1.0?
Microsoft's announcement that it is preparing a Vista Service Pack 1 beta in two weeks is curious on many levels. Although Microsoft delivers improvements via service packs, I can't help but consider Vista SP1 a do-over.
windows -
30.8.2007
Symantec Found Using Rootkit Feature
Symantec is cleaning up a feature in Norton SystemWorks that uses a rootkit-like technique to hide a system folder from Windows. The technology works similar to Sony BMG's controversial rootkit DRM in the way it masks files and makes them invisible to the operating system...
betanews.com -
12.01.2006
Sony President: Rootkit of No Concern
In an interview with NPR late last week, Sony BMG's Global Digital Business President Thomas Hesse downplayed the recent DRM fiasco saying he objected to terms such as malware, spyware and rootkit. "Most people, I think, don't even know what a rootkit is, so why should they care about it?" he said...
betanews.com -
09.11.2005
Virtualisation-based Windows rootkit detector available
Windows security software vendor North Security Labs is offering free downloads of its Hypersight Rootkit Detector while it's still in final testing. The company claims that its hardware virtualisation-based hypervisor is the first fourth-generation rootkit detector.
It supports Windows 2000, Windows XP and Windows Server 2003, but support for Windows Vista and Windows Server 2008 should be forthcoming eventually. It's also constrained to running on Intel Core 2 processors at present, but the company promises that a version designed to run on AMD processors will also be developed as the product matures.
winbeta.org -
27.02.2008
Clearing the air: Bioshock does not contain a rootkit
This weekend news spread quickly that the PC version of Bioshock comes loaded with a rootkit. The only problem is, it isn't loaded with a rootkit, it's just your standard "let's punish our customers" anti-piracy tool. However, since rootkit accusations are very serious, we thought we'd look into it.
Gaming Bob kicked all of this off by correctly noting that Microsoft's RootkitRevealer found a "SecuROM" registry setting that it found suspicious after the PC version of Bioshock had been installed. It was assumed that this discovery, a registry setting with an invalid string character, was the sine qua non of a rootkit built into SecuROM, a well-known anti-copying system used by PC game developers. News quickly flowed from there to a number of sites that simply picked it up and ran with it. Everyone was saying SecuROM has morphed into a rootkit.
Given the fact that SecuROM is owned by Sony, many saw this as an old dog up to its old tricks: Sony is, after all, the instigator of the infamous Sony rootkit scandal involving music CDs.
winbeta.org -
27.08.2007
Rootkit Revealer Absorbed by Microsoft
The little software utility that uncovered the presence of Sony's stealth DRM hiding like a rootkit inside a security engineer's computer, and that eventually led to the annulment ruling of a multi-billion-dollar merger between Sony and BMG Music, is now a Microsoft product...
betanews.com -
10.11.2006
First Trojan using Sony DRM spotted
Virus writers have begun taking advantage of Sony-BMG's use of rootkit technology in DRM software bundled with its music CDs.
Sony-BMG's rootkit DRM technology masks files whose filenames start with "$sys$". A newly-discovered variant of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory.
"This means, that for systems infected by the Sony DRM rootkit technology, the dropped file is entirely invisible to the user. It will not be found in any process and file listing. Only rootkit scanners, such as the free utility RootkitRevealer, can unmask the culprit," warns Ivan Macalintal, a senior threat analyst at security firm Trend Micro...
winbeta.org -
11.11.2005
Blue Pill virtualisation rootkit freely available
Rootkit specialist Joanna Rutkowska has provided open access to the source code of a new version of the virtualisation rootkit Blue Pill, which has been rewritten from scratch. She presented a prototype of the rootkit at the Black Hat conference in Las Vegas in 2006.
The new version of Blue Pill has not just been revised, it also offers new functionality and, according to the description, relies on the virtualisation support offered by modern processors (HVM, hardware virtualised machines).
It is claimed that the new Blue Pill can migrate Windows into a virtual environment whilst it is running; without restarting, and invisibly to the user. This would make it undetectable from within the system using current detection methods. The rootkit supports AMD's SVM/Pacifica virtualisation to infiltrate a hypervisor into Windows whilst it is running, but is not yet able to utilise Intel's VT-x virtualisation. Blue Pill now also includes several functions specifically aimed at hindering recognition by rootkit detectors. It is apparently able to support nested hypervisors and to manipulate Time Stamp Clock Register (TSCR) readings to thwart detection of stolen CPU cycles: a technique known as RDTSC cheating...
winbeta.org -
04.08.2007
Sony Reaches Rootkit Settlement with 39 States
The full extent of Sony BMG's rootkit liabilities came to light Thursday, as a group of 39 states announced they had reached a $4.25 million settlement with the record label over the issue...
betanews.com -
22.12.2006
AIM Worm Threatens with Rootkit
A Web security firm that specializes in IM and P2P security said on Friday that a new worm spreading through the AOL Instant Messenger network might cause more problems than the average IM worm. Sdbot-ADD attempts to install a rootkit that would allow an attacker to monitor a computer...
betanews.com -
01.11.2005
Instabird: Mozilla's Instant Messaging Client, v0.1
Instabird is the newest project from the Mozilla folks, and it's a multi-client chat program that allows you to connect to several of the mainstream instant messaging services such as AOL, MSN, and Yahoo!. The project is still in early beta (version .1 beta), but the adventurous user can strike out and attempt to compile a copy of their own. That's right, I said compile.
The download weighs in at only 13.1 megabytes, which should be quick on most broadband connections, and for Windows users, the install process, while not the prettiest in the world, is relatively painless and took about 45 seconds or so (as opposed to the reported two hours it can take to compile on Ubuntu). I was able to connect to all my accounts error-free, and was chatting within five minutes of my download completing.
winbeta.org -
20.10.2007
Sony USB Drives Pack Rootkit Surprise
Finnish security company F-Secure has reported on new rootkit-like software discovered on USB thumb drives manufactured by Sony. Although the software doesn't appear to cause damage to a user's system, it does create a hidden directory that is inaccessible via the Windows API and some virus scanners...
betanews.com -
29.08.2007
Sony Rootkit Settlement Approved
A New York Judge on Monday approved a class action settlement regarding Sony BMG Music Entertainment's use of harmful copy protection software that included a rootkit. Customers who purchased or received a CD after August 1, 2003 with the XCP or MediaMax software are entitled to a claim...
betanews.com -
23.05.2006
Sony Discloses List of Rootkit CDs
The initial count of 20 CDs that bundled Sony BMG's now infamous XCP copy-protection software has grown. The label has issued a list detailing 52 CDs dating back to early 2005 that include the controversial rootkit. 2.1 million copies of the discs made their way to consumers...
betanews.com -
18.11.2005
New Tests Show Rootkits Still Evade AV
Rootkits are still a security scanner's worst nightmare: New rootkit detection tests recently conducted by AV-Test.org found that security suites and online Web scanners detected overall only a little more than half of rootkits.
AV-Test.org, an indie security test organization based in Germany, ran two rootkit tests last month, one on Microsoft's XP Home Edition and another on Microsoft Vista Ultimate Edition, the results of which have been published in a paper now available on the group's Website.
The XP test used 30 active rootkits and 30 pieces of malware using rootkit technologies. Not surprisingly, anti-rootkit tools did the best, detecting about 80 percent of the rootkits overall, while the security suites found over 66 percent, and online scanners, only 53 percent. Some tools crashed or hung up after completing the rootkit scans, and those were counted as not detected.
winbeta.org -
15.05.2008
Quake 3 in .Net
Coding4Fun: Greg Dolley has done something amazing. Greg ported id software's video game, Quake 3, to .Net. I'm going to take a quote from his website regarding the port:
Before I begin explaining the port, I'd like to clarify one thing. Someone emailed me last week regarding this port and judging from his/her message it led me to believe that some people don't understand the difference between a .NET port versus simply compiling a C++ application with MSVC++ 2008. Here's the difference: taking the Quake III codebase and making the changes necessary so that it will compile with Visual Studio 2008 is not a .NET MC++ port. That is a C port to a different compiler. Yes, C not C++; the project files included in Id Software's codebase are all set to compile as native C. Furthermore, changing the settings to compile everything as C++, then fixing 3,000 compile errors, is also not, I repeat not, a .NET port. That is a native C++ port of Quake III to a different compiler. Lastly, taking the former C++ build I just mentioned, turning on the /clr Visual Studio option, fixing 28,000 compile errors with 4,000 warnings, patching all managed to native calls such that the first run doesn't blue-screen your machine, and finally doing everything else necessary to be able to view the EXE with its supporting DLLs under ILDASM (the .NET CLR disassembler), now THAT is a .NET port! ;-)
I'm in awe and slightly want to play Quake again.
winbeta.org -
25.01.2008
Hacker writes rootkit for Cisco's routers
A security researcher has developed malicious rootkit software for Cisco Systems' routers, a development that has placed increasing scrutiny on the routers that carry the majority of the Internet's traffic.
Sebastian Muniz, a researcher with Core Security Technologies, developed the software, which he will unveil on May 22 at the EuSecWest conference in London.
Rootkits are stealthy programs that cover up their tracks on a computer, making them extremely hard to detect. To date, the vast majority of rootkits have been written for the Windows operating system, but this will mark the first time that someone has discussed a rootkit written for IOS, the Internetwork Operating System used by Cisco's routers. "An IOS rootkit is able to perform the tasks that any other rootkit would do on desktop computer operating systems," Muniz said in an e-mail interview.
winbeta.org -
15.05.2008
Sony to Help Remove its DRM Rootkit
When Mark Russinovich was testing his company's security software last week, he came across a disturbing find: a Sony BMG CD he purchased from Amazon had secretly installed DRM software on his PC and used "rootkit" cloaking methods to hide it. With the story sweeping across the Net, Sony is attempting to clean up its mess...
betanews.com -
03.11.2005
ATI driver flaw exposes Vista kernel to attackers
An unpatched flaw in an ATI driver was at the center of the mysterious Purple Pill proof-of-concept tool that exposed a way to maliciously tamper with the Windows Vista kernel.
Purple Pill, a utility released by Alex Ionescu and yanked an hour later after the kernel developer realized that the ATI driver flaw was not yet patched, provided an easy way to load unsigned drivers onto Vista, effectively defeating the new anti-rootkit/anti-DRM mechanism built into Microsoft's newest operating system.
In an interview, Ionescu confirmed his tool was exploiting a vulnerability in an ATI driver (atidsmxx.sys, version 3.0.502.0) to patch the kernel to turn off certain checks for signed drivers. This meant that a malicious rootkit author could essentially piggyback on ATI's legitimately signed driver to tamper with the Vista kernel.
winbeta.org -
10.08.2007
Researchers Discover Rootkit Variation
While there might not be new malicious threats under the sun, there are plenty of new ways to spin old virus attacks. Trend Micro researchers discovered last weekend a new variation of a MBR rootkit released in the wild, which contains new technology to prevent detection. When combined with Web threats, the new rootkit is proving to be both a destructive and prolific combination, security experts say.
The rootkit models a similar virus from several years ago but with one added twist -- the ability to circumvent a lot of anti-rootkit software and remain undetected. "It's a spin on an old attack," said Jamz Yaneza, research project manager for Trend Micro. "This is typical of virus writers and mothership authors trying to find ways and means to make it more difficult." The malware then sits on the infected computer unbeknownst to the user, allowing attackers to infiltrate a system in order to steal passwords, financial information and other personal data.
neowin.net -
27.03.2008
Build and manage large-scale C++ on Windows
John Lakos wrote the book on Large-Scale C++ Software Design more than 10 years ago, but it remains a must read for any serious C++ developer today.
It doesn't go much into the language. For instance there isn't anything inside regarding dynamic casts and virtual inheritance. Neither will it tell you how to calculate the factorial at compile time using compile time recursive templates.
winbeta.org -
31.03.2008