
New Attempts to break Windows Security


Post by Admin on Mon Sep 20, 2010 11:41 pm

If you think the virus has been one of the toughest enemies on the net, think again! Oh, well, they actually are!
Anyway, the new serial killers these days are the malicious programs that hack your information on the web. Matousec researchers outlined how attackers could make use of kernel driver hooks to exploit the system.
This discovered tactic, known as the “argument-switch attack,” shows how benign code is swapped for malicious code at the moment the security software gives a ‘go’ signal, after which it is executed immediately.
As this issue has become very alarming for internet security, a lot of thoughts and opinions have sprung up. Quoting the vice president of Immunet engineering, Mr. Alfred Huger:
“This is definitely very serious…Probably any security product running on Windows XP can be exploited this way.”
Moreover, he said that Immunet’s desktop client is not that prepared for the switch attacks, as it uses software that relies on a different method of hooking into the Windows kernel.
The argument-switch tactic is really alarming, as almost three dozen Windows desktop security titles, such as those of Symantec, McAfee, Trend Micro, BitDefender, and Sophos, to mention a few, can be abused by this killer. This is why F-Secure's chief research officer agreed that:
“It’s a serious issue and Matousec’s technical findings are correct”
Some antivirus companies downplayed the threat. McAfee believes that this is not simple; it is a complicated attack that would need some required access. Kaspersky, on the other hand, says that it is not only hooks that they implement; they also have the technological privilege to secure the kernel mode and sandboxing.



Windows Vista SP1 in 2008 brought in APIs
As Windows boasts PatchGuard, the scare continues, as this will work against all user mode hooks and will also work against the kernel mode hooks if they are installed, for example, after disabling PatchGuard.
Attackers may have dropped malware onto some target machine just to make use of the argument-switch strategy. However, some more studies noted that it’s not really safe against threatening attempts of argument-switch usage, as hackers would still have to install malware.
http://www.shaileshtripathi.in
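The argument switch described in the post is a check-then-use race: the hook checks a value held in caller-controlled memory, and the real operation reads that memory again afterwards. The C model below is an added example, not code from the post or from Matousec; it places that double-read pattern beside the usual remedy of copying the argument once and both checking and using the copy. All names, the `allowed/` policy and the sample values are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of caller-controlled memory. A second thread rewriting it
   is simulated deterministically: the first read returns `first`, every
   later read returns `later`. */
struct caller_mem { const char *first, *later; int reads; };

static const char *fetch(struct caller_mem *m) {
    return (m->reads++ == 0) ? m->first : m->later;
}

/* Hypothetical policy: only names under "allowed/" pass the check. */
static int policy_allows(const char *name) {
    return strncmp(name, "allowed/", 8) == 0;
}

static char acted_on[64];            /* what the real operation finally used */
static void real_operation(const char *name) {
    snprintf(acted_on, sizeof acted_on, "%s", name);
}

/* Weak pattern: the check and the operation each read caller memory. */
const char *hook_double_fetch(struct caller_mem *m) {
    acted_on[0] = '\0';
    if (policy_allows(fetch(m)))     /* read 1: value that gets checked */
        real_operation(fetch(m));    /* read 2: value that gets used    */
    return acted_on;
}

/* Hardened pattern: one read into a private copy; check and use the copy. */
const char *hook_capture_once(struct caller_mem *m) {
    char captured[64];
    acted_on[0] = '\0';
    snprintf(captured, sizeof captured, "%s", fetch(m));
    if (policy_allows(captured))
        real_operation(captured);
    return acted_on;
}

int main(void) {
    struct caller_mem a = { "allowed/report.txt", "blocked/driver.sys", 0 };
    struct caller_mem b = a;
    printf("double fetch acted on: %s\n", hook_double_fetch(&a));
    printf("capture once acted on: %s\n", hook_capture_once(&b));
    return 0;
}
```

In the model, the double-fetch hook approves one value and acts on another, while the capture-once hook can only act on the value it checked.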
