Expect a break in after Vista's release, says security expert...
By Joris Evers
Published: 13 October 2006 09:15 GMT
PatchGuard, a Microsoft technology to protect key parts of Windows, will be hacked sooner rather than later, a security expert said on Thursday.
Hackers will break through the protection mechanism soon after Microsoft releases Windows Vista, Aleksander Czarnowski, a technologist at Polish security company Avet Information and Network Security, said in a presentation at the Virus Bulletin event in Montreal.
Czarnowski said: "It will probably take a year or so for it to surface publicly but I believe it will be broken earlier. PatchGuard will be broken pretty soon after the final version is released... A lot of people who would break it will probably not make it public immediately."
Microsoft designed PatchGuard - also called kernel patch protection - to safeguard the Windows kernel against malicious code attacks. Cyber crooks have found ways to exploit the innards of Windows for malicious purposes, making the protection offered by PatchGuard key to securing the operating system, Microsoft has said.
The technology applies only to 64-bit versions of Windows and debuted last year in Windows XP x64 Edition. However, while that Windows version was never broadly adopted, PatchGuard is set to become used more widely, when Vista hits store shelves in January and people are expected to buy PCs with 64-bit processors and 64-bit versions of the operating system.
Stephen Toulouse, a program manager in Microsoft's Security Technology Unit, wrote on his blog last week: "Kernel patch protection is not a silver bullet. We're not saying no one will ever crack it. The point is that the situation as it exists now… attackers don't need to do any work to access the kernel at the highest level. At least with kernel patch protection, we're trying to prevent that."
There have been some claims that PatchGuard has already been compromised but Microsoft has denied this. Toulouse wrote: "We're not aware as of right now that people have circumvented it."
If PatchGuard is ever circumvented, Microsoft would fix the issue with a software update, Toulouse wrote. "Kernel patch protection can become more resilient over time due to the combination of hardware and software advancements," he added.
Joris Evers writes for CNET News.com
The role will require specific experience working at the Kernel level of the operating system, along with C or C++ coding. Key Skills: C/C++ Embedded ...
My clientis a global leader in information security providing complete security utilizing its encryption technologies to protect communications, ...
You will be working on the most lucrative patch in the UK so your earning potential is gigantic. The company provides the full range of security ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy