Roy Schestowitz wrote:
> Microsoft security chief is reassigned
>
> ,----[ Quote ]
> | Microsoft has improved its reputation for security of late, but over the
> | last few months there has been a spike in the number of reported
> | vulnerabilities in its software and the total number of patches issued by
> | the company. On Tuesday, the company issued patches for 26 bugs in its
> | software, the largest single-day patch release in recent memory.
> `----
>
<snip>
>
> http://news.zdnet.com/2100-1009_22-6125274.html
>
> Black Hat Takes Vista to Task
>
> ,----[ Quote ]
> | She demonstrated two potential attack vectors. One could allow unsigned
> | code to be loaded into the Vista kernel. The second vector involved
> | taking advantage of AMD's Pacific Hardware Virtualization to inject a
> | new form of super malware that Rutkowska claimed to be undetectable.
> `----
>
> http://www.internetnews.com/security/article.php/3624861
You might want to take a look at "Blue Pill". The prototype was
Vista,x64 but according to the above Black Hat:
<Quote>
Rutkowska stressed that the Blue Pill technology does not rely on any
bug of the underlying operating system. "I have implemented a working
prototype for Vista x64, but I see no reasons why it should not be
possible to port it to other operating systems, like Linux or BSD which
can be run on x64 platform," she added.
</Quote
This is one that maybe the Linux people should be worried about as
well.
--
Tom Shelton
|
|
