AAPL Stock: 118.03 ( -0.85 )

Printed from

Security team shows unfixable Windows 7 hack

updated 01:40 pm EDT, Thu April 23, 2009

Windows 7 hack program

At the Hack In The Box (HITB) Security Conference in Dubai on Thursday, security researchers demonstrated how software they developed can already take advantage of a design problem with the upcoming Windows 7 operating system, allowing them to hack into the system. VBootkit 2.0, created by researchers Vipin Kumar and Nitin Kumar, was used to demonstrate how hackers can take control of a Windows 7 computer while it's booting up. Unlike most exploits, though, the attack is said inherent to Windows 7 and may likely remain with the OS until it's replaced.

"There's no fix for this. It cannot be fixed. It's a design problem," Vipin said, though the attack cannot be done remotely and requires that hackers have physical access to a PC.

The program is just 3KB big and lets attackers change files that are loaded into system memory during the boot process. Because nothing is changed on the hard disk itself, VBootkit 2.0 is hard to detect, Vipin says. Also, rebooting the computer gets rid of the security issue, as system memory is cleared during the process.

Via the software, hackers can remotely control the targeted computer and change their access level to the highest possible. Passwords can also be removed, letting hackers access a victim's files. What's more, the password is restored, so victims are unaware their security was breached.

As the name implies, VBootkit 2.0 is the second such program developed by Vipin and Nitin, as the original was demonstrated back in 2007 and exposed a vulnerability in Windows Vista.

Microsoft hasn't commented on the exploit. [via NetworkWorld]

by MacNN Staff



  1. climacs

    Joined: Dec 1969


    Windows 8!!!

    Never fear, Windows 8 will be the bestest ever! Really, this time for sure!

    But seriously, is this a real threat? It requires physical access to the computer. There's all sorts of mischief which can be done if one has physical access to a targeted computer.

  1. climacs

    Joined: Dec 1969



    OK it loads when booting up. How does it help to re-boot, then? Even if it is cleared from system memory? Am I missing something here?

  1. Wingsy

    Joined: Dec 1969



    C'mon guys. The attacker has to have physical access to the machine for this to work. You might as well come up with a story that Win7 machines are vulnerable to being picked up and carried away.

    The real stories are the remote exploits. More like those please.

  1. eldarkus

    Joined: Dec 1969



    I came out with a great virus. It's pre-loaded on some RAM i have.. all I have to do is install the RAM in someone's machine and it's mine... as long as they dont restart it!!

  1. DeezNutts

    Joined: Dec 1969



    With physical access you can rig a machine so that everytime it boots you 0wNz it!

    Who would have thought!???

    How is this even news?

  1. climacs

    Joined: Dec 1969


    A new Windows virus

    I have created a trojan which can automatically create a new user account on a computer, delete any and all files, and direct a computer's browser to unsafe sites provided that it has physical access to a targeted computer.

    It's called 'a human being'.

  1. hayesk

    Joined: Dec 1969



    This flaw has big impact to corporate users where IT departments need to control the rights employees have on the machines. Imagine a disgruntled employee coming in early, booting up his coworkers' desktop PCs, installing spyware and gathering his coworkers' passwords and other data.

    This is a big deal.

  1. phpmaven

    Joined: Dec 1969


    Complete nonesense

    This is a non-issue. As others have said, this would require physically sitting at the PC and installing a root kit. Also any corporation worth it's salt is going to have it's PCs locked down so that nobody can just sit down and install a root kit.

  1. climacs

    Joined: Dec 1969


    I guess

    these guys had to justify the cost of going to Dubai in order to discuss computer security...

  1. testudo

    Joined: Dec 1969



    How does the software get in system memory to run if the system memory is wiped on boot?

    Sounds like one of those "If someone freezes the memory...." exploits.

    Hey, they're just lucky they didn't do this on a Mac. They'd been creamed. Although they technically didn't do it on a PC, either, they did it in a virtual machine.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented