.

Hypervisor Rootkit

<<

skel

User avatar

Jr. Member
Jr. Member

Posts: 60

Joined: Wed Aug 30, 2006 11:31 am

Post Wed Oct 18, 2006 10:54 pm

Hypervisor Rootkit

http://www.eweek.com/article2/0,1895,2032661,00.asp

Microsoft's twice-yearly BlueHat summit will kick off with a demo of a virtualization-based rootkit that can be used to defeat the company's PatchGuard technology.


I have abosolutely no idea how a rootkit running on the hypervisor level can be detected by a software running on a less priviladged kernel level.  Such a rootkit is sure to be a killer.
Skel
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Oct 18, 2006 11:00 pm

Re: Hypervisor Rootkit

Microsoft doesn't publicize this to the public that much. But those involved are said to find it invaluable. MS does have a web address for the BlueHat events, but there's not much there. Maybe more will appear after the current fall event:

http://www.microsoft.com/technet/securi ... fault.mspx

Don
CISSP, MCSE, CSTA, Security+ SME

Return to News from the Outside World

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software