Tags: Windows 8, vulnerability, MBR
Found in Windows 8 vulnerability allows an attacker to overwrite the boot system.
Security researchers have discovered a security flaw in Windows 8, which lets you set the system rootkit. Italian consulting company ITSEC security flaw found after analyzing Unified Extensible Firmware Interface (UEFI), which replaces the BIOS for Windows 8.
As stated in the company, Microsoft has ported to many elements of the UEFI BIOS, including boot record MBR. Senior security researcher at ITSEC Andrea Allievi were able to construct the first known virus, which infects the MBR in Windows 8.
Designed Allievi virus can be written in the Windows 8 UEFI boot and bypass all security mechanisms of operating system that exist today.
“Our boot connected to the machine I / O in the UEFI, and intercepted the boot process of Windows 8, so our core bootkit substituted by disabling security features used by Windows to prevent loading of unsigned drivers,” – said Marco Giuliani from ITSEC .
More information available here
