Master Boot Record pwnage

Subject: General Tech | January 8, 2008 - 09:03 AM |
Tagged:

Slashdot has linked to an article that covers an MBR rootkit that was found in the wild at the end of '07.  Sporting such wonderful features as the ability to be undeleteable, short of repairing your MBR; as well as undetectable through your registry or file system, this could be a bad time to be a hard drive.  Unless the MBR moves to a more secure mode this vulnerability cannot be fixed, and who knows what effect having a protected MBR would have on the formatting process.

"Unfortunately, all the Windows NT family (including Vista) still have the same security flaw — MBR [Master Boot Record]

can be modified from usermode. Nevertheless, MS blocked write-access to disk sectors from userland code on VISTA after

the pagefile attack, however, the first sectors of disk are still unprotected... At the end of 2007 stealth MBR rootkit

was discovered by MR Team members (thanks to Tammy & MJ) and it looks like this way of affecting NT systems could be more

common in near future if MBR stays unprotected

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot
No comments posted yet.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.