You are here: silicon.com > Software > Security Strategy

Security Strategy

Hackers 'will crack Windows security tech soon'

Expect a break in after Vista's release, says security expert...

Tags: windows vista, vista, hackers, security

Printer Friendly Email Story RSS

By Joris Evers

Published: 13 October 2006 09:15 GMT

PatchGuard, a Microsoft technology to protect key parts of Windows, will be hacked sooner rather than later, a security expert said on Thursday.

Hackers will break through the protection mechanism soon after Microsoft releases Windows Vista, Aleksander Czarnowski, a technologist at Polish security company Avet Information and Network Security, said in a presentation at the Virus Bulletin event in Montreal.

Czarnowski said: "It will probably take a year or so for it to surface publicly but I believe it will be broken earlier. PatchGuard will be broken pretty soon after the final version is released... A lot of people who would break it will probably not make it public immediately."

Microsoft designed PatchGuard - also called kernel patch protection - to safeguard the Windows kernel against malicious code attacks. Cyber crooks have found ways to exploit the innards of Windows for malicious purposes, making the protection offered by PatchGuard key to securing the operating system, Microsoft has said.

The technology applies only to 64-bit versions of Windows and debuted last year in Windows XP x64 Edition. However, while that Windows version was never broadly adopted, PatchGuard is set to become used more widely, when Vista hits store shelves in January and people are expected to buy PCs with 64-bit processors and 64-bit versions of the operating system.

Stephen Toulouse, a program manager in Microsoft's Security Technology Unit, wrote on his blog last week: "Kernel patch protection is not a silver bullet. We're not saying no one will ever crack it. The point is that the situation as it exists now… attackers don't need to do any work to access the kernel at the highest level. At least with kernel patch protection, we're trying to prevent that."

There have been some claims that PatchGuard has already been compromised but Microsoft has denied this. Toulouse wrote: "We're not aware as of right now that people have circumvented it."

If PatchGuard is ever circumvented, Microsoft would fix the issue with a software update, Toulouse wrote. "Kernel patch protection can become more resilient over time due to the combination of hardware and software advancements," he added.

Joris Evers writes for CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Attackers 'making hay with Windows flaw'

McAfee slams Microsoft for keeping keys to Vista

Vista to pack anti-piracy punch

Vista to get no-frills Windows' features

Microsoft patches patch delivery system

Microsoft shuffles its security deck

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...

Naked CIO Naked CIO: Cloud computing more expensive than we thought? Smart IT leaders will examine the impact of how they pay for tech

UK ID cards rollout hit by delay as launch date revealed

Bletchley Park's World War Two codebreakers in their own words

'You're responsible for your own wi-fi security' say ISPs

'UK must up privacy safeguards following Phorm'

The top 10 technologies you need to plan for next year


  • Jobs
sales executive - manned guarding - 70K

You will be working on the most lucrative patch in the UK so your earning potential is gigantic. The company provides the full range of security ...

SC Cleared Engineer - Gloucester - EPOS - DESKTOP

SC Cleared Engineer - Gloucester - EPOS - DESKTOP ESSENTIAL SKILLS Valid UK Driving Licence Proven experience as a hardware engineer in Desktop, ...

Sales consultant - Security - 40,000

You will be inheriting the best patch in the country and your earning potential is huge. They can handle the full range of security solutions from ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


Pay for IT chiefs weathers the storm

Illegal downloaders crackdown: Digital Economy Bill to cut them off

Salesforce.com makes more friends in the cloud

Google sheds light on netbook plans for Chrome OS

How to squeeze the last drops of savings from an outsourcing contract

Salesforce.com plans social networking for business




Quick Sitemap Links: