Blue Pill Leaves Vista Vulnerable

    Techtree News Staff, Aug 07, 2006 1821 hrs IST

Windows Vista, the upcoming operating system (OS) that Microsoft claimed to be the most secure of all OSes, was hacked last week at the Black Hat hacker conference.

Reportedly, in order to check the vulnerability of Windows Vista, Microsoft had handed over its test versions to 3,000 researchers at the conference and asked them to try hacking it. A researcher, Joanna Rutkowska, from Coseinc, a Singapore-based security firm, showed how it is possible to bypass security measures in Vista that prevent unsigned code from running.

Rutkowska explained that the security systems in Vista can be sidestepped by using a piece of malicious software she had created and dubbed Blue Pill. She also admitted that she had to perform the hack in higher-privileged administrator mode rather than the lower-privileged user account control.

By conducting this activity, the company was hoping to convince the industry that Vista will be the most secure and malware-proof system in the market. Reportedly, Vista is the first Microsoft product that the company is sending through its "Security Development Lifecycle", which aims at getting rid of all security vulnerabilities before shipping.

Microsoft has now said that it is investigating solutions to help protect Vista against the attacks demonstrated. In addition, the company is also working with its hardware partners to investigate ways to help prevent the virtualization attack used by Blue Pill.

According to a Microsoft representative, Vista has many layers of defense, including the firewall, running as a standard user, Internet Explorer Protected Mode, NX support, and ASLR, which help prevent arbitrary code from running with administrative privileges.


Discussion Board
(52) Comments
Richard Ongler
,Ontario, on Aug 08, 2006 11:11 AM
Looks like the Linux users are starting to get a little jealous that their OS isn't going to be able to claim that it's more secure than Windows anymore.
Nar Matteru
,Louisiana, on Aug 08, 2006 01:14 PM
Umm.. no need for jealousy, as it won't ever happen
Anonymous
,x, on Aug 08, 2006 10:47 PM
^ astroturf? this OS has just very barely even begun to be subjected to public scrutiny - we have very little idea what problems are yet to be discovered. So far, all we know is that Microsoft has hyped it as the most secure thing since padlocks - which is obviously a very smart sales pitch, since security is the current software buzzword. Maybe it'll be secure, maybe it won't, but the only people who claim that it positively will be are the Microsoft marketing dept.
Ralph A Bauer
,Houston, Ohio 45333, on Aug 17, 2006 06:36 PM
The name Ongler. My great great g-ma's obit mentions her name was Ongler. She used the name Maria Angelica Schmacker b. Ger 9-12-1828. Any ideas? Do you have a bit of your family tree worked up? Looking for leads. Ralph
Ralph A Bauer
,Houston, Ohio 45333, on Mar 26, 2008 01:37 AM
The name Ongler. Is it translatable as Angelica? Is it a family name? Have you ever known it to be used as a girl's first name? My great great grandmother's name was Maria Angelica (Mary) and her obituary said her real name was Ongler.
raphael
,surabaya, on Aug 31, 2007 04:58 AM
i don't know
vicky_a
,mumbai, on Aug 07, 2006 08:31 PM
Once again it's proved that Microsoft is the most unsecured but the widely used OS around the world
Sada
,Denver, on Aug 08, 2006 04:43 AM
Where is it proved...? You can say that if alternate OS'es like Linux are at least in a usable state. I don't even have my 5 button wireless mouse working after a day of fighting on Ubuntu. I know OSx is exception but then it runs only on Mac boxes.
Kevin
,Raleigh, on Aug 08, 2006 06:05 AM
The catch is, can a normal user actually do day to day business work without a privileged account? With XP it's not really practical unless you have a serious management infrastructure to distribute patches, software, etc.
mp3228
,noneya, on Aug 08, 2006 06:48 AM
OS X is the best alternative. And no. OS X can run on a 'beigebox PC'. It is what I am typing this on at the moment. A pentium 4 3.0ghz running 10.4.6, and yes. everything is fully functional, even all the games, and works without bugs.
Dave
,Durban, on Aug 08, 2006 11:24 AM
If you don't have your five-button mouse working, then you've missed something. Because support for as many buttons as possible has been there for ages. Just like when you plug that mouse in under windows, you need to load up some proprietary crap, you are actually going to have to read some documentation. Not just start up and hope for the best. The wonderful thing about free software is that if you break it, you can keep both pieces. Stop complaining about a product that is free, and actually outperforms Redmond's best.
silentphate
,you es eh?, on Aug 08, 2006 11:35 AM
The only reason why Micro$oft is perceived as the most unsecured OS is because it is the most widely used. Therefore it is more targeted than other OSes such as Unix/linux/FreeBSD
Chris
,UK, on Aug 23, 2006 08:18 PM
It isn't insecure though. This will work on all os's
Chris
,UK, on Aug 23, 2006 08:11 PM
This was done with admin. Imagine what anyone could do with admin. Format C y
Dr. Amar
,Ranchi, on Aug 12, 2006 09:21 PM
Very nice, excellent, unique product.
Silver Chandrak
,Pune/Mumbai, on Aug 10, 2006 06:29 PM
remember the first work was written on Unix! Every OS is vulnerable, the only difference is how much efforts you take targeting it, which almost too much being carried out on Microsoft Windows.
Silver Chandrak
,Pune/Mumbai, on Aug 10, 2006 06:31 PM
just a correction.... "first worm"
slappy
,atlanta, on Aug 08, 2006 10:16 AM
One word "BSD"
Matt
,Elsewhere, on Aug 08, 2006 10:38 PM
You said it man.
SlipperyChicken
,Guelph, Ontario, on Aug 10, 2006 11:46 AM
Heck yes !
p0wrd_8y_ap4thy
,Plano, on Aug 08, 2006 06:47 AM
As a gentoo linux user, I gotta say that I'm not particularly a fan of Windows, but ANY operating system with as much attention as Windows receives would be completely hacked in no time. If everyone was anticipating the release of another OS (even something as secure as openbsd) like they do with windows IT would be hacked. Every black hat on the planet is gonna pick this thing apart as soon as it's released. In fact I'm sure they already are with the beta releases.
Andrew D
,Port Macquarie, Australia, on Aug 09, 2006 02:17 AM
Of course this is good for GNU/Linux and the BSDs because as long as we don't have the attention we can prepare...
Pinky
,Brain, on Aug 09, 2006 12:38 PM
> we can prepare.. Only thing is, it's open source, so we don't. Just take a look at the file permissions system. Microsoft is 'lightyears' ahead with inherited ACLs. It's hard to even compare to the standard of Unix systems worldwide. There's such a plethora of per-file ugo rights on any single system that just trying to scrutinize the security layout is a major issue in itself.
coolman_nyc
,nyc, on Aug 08, 2006 10:24 PM
what ever happens windows is windows its gonna a mass hacked one way or another
Marcus
,Kochi, on Aug 08, 2006 10:23 PM
As long as humans write code there will be bugs in software. If the so called hackers and security researchers were to develop an OS do you think it would be free of bugs. Nothing but bull
Andre
,Anaheim, on Aug 08, 2006 05:17 AM
This 'vulnerability' requires admin level access... Show me any OS that I cannot compromise if I have admin/root access!
anonymous
,northfield, on Aug 08, 2006 09:04 PM
Although I agree that most OS's could be compromised easily from a root/admin account, these sorts of hacks could end up being a problem. When combined with an escalation of privilege flaw the system could be compromised from a user account. Since they've even discovered escalation vulnerabilities in OS X, I imagine Vista will have its fair share.
Carlos
,Lisboa, on Aug 08, 2006 09:57 PM
ok. try SELinux or appArmor
Sandy89
,Chennai, on Aug 07, 2006 08:27 PM
that's a sore blow alright
adrian
,dayton, on Aug 08, 2006 01:23 AM
Are you guys complete idiots? This hack only works if you specifically give it administrator privileges when it runs. It actually shows how secure Vista is compared to any other version of windows (and even Linux). Give me the root password to your Linux box and we'll see what I can do...
David
,Toronto, on Aug 08, 2006 05:33 AM
Well, the Linux/Unix argument would apply only if Windows Vista would be a Unix system and we are talking about the root account. It could either be a security bug or not. It just depends if admin users are assumed to be allowed to perform the undesired action. In case of Unix system, the root user is allowed to do anything. In case of Windows Vista, what is the admin user allowed to do? Everything? I don't know Windows enough and I have never used Windows Vista. So, I cannot answer that question.
silentphate
,you es eh?, on Aug 08, 2006 11:43 AM
Taken directly from Vista admin group description "Administrators have complete and unrestricted access to the computer/domain"
Carlos
,Lisboa, on Aug 08, 2006 09:55 PM
I will give you a console and my root password and you CAN'T do anything bad to my servers.
Ayyappa Naguban
,Mumbai, on Aug 07, 2006 11:11 PM
ajith & vicky have nothing better to do it seems.. sour grapes...
vipernicus
,, on Aug 08, 2006 07:54 PM
My name is Ayyappa Nagubani, and I like to make personal attacks on others. In other news, we all have our personal preferences. Windows can be secure or unsecure. Linux can be secure or unsecure. An OS is not a religion, it is a lifestyle.
The Fox
,Boston, on Aug 08, 2006 05:58 PM
The bottom line for any computer OS is they were all written by humans, which inherently makes them bound to have mistakes in them. When the brilliant minds of the black hats write their own OS, maybe big bad Microsoft can hack them. Until then use the OS of your choice. I will sleep better at night knowing you're all worried about my Vista machine.
x y
,Washington DC, on Aug 08, 2006 05:42 PM
Blue Pill is a virtualized root kit technology that works against any and every operating system, including Windows, Linux, OpenBSD, etc.
Dragonetes
,Barcelona - Spain, on Aug 08, 2006 03:08 PM
hey, you see like kids with the fXXking battle between Win and Linux. Both will have vulnerabilities until the end of the days.
Jeremy
,Atl, on Aug 08, 2006 12:07 PM
Not a major vuln but one none the less. There is a take home - Vista uses a layered defense in depth. I use all the OSes and may be *nix biased but give credit where credit is due. This is by far one of the best OSes out there now. Pick up your socks *nix and BSD which is 3 words BTW.
Linux Lover
,Ankleshwar, on Aug 08, 2006 12:25 AM
I love LINUX
Will Smiff
,West Philidelphia, on Aug 08, 2006 05:21 AM
Are you an idiot? Vista isn't supposed to have a "root" account. Administrator doesn't--or isn't supposed to--give you unfettered access to the system. In a typical Unix system, no access checking is done for UID 0 (aka "root"), period. In SELinux or Windows Vista, there is no "super-user". Thus, even w/ Administrator this is a legitimate break of the kernel's authorization mechanisms.
silentphate
,you es eh?, on Aug 08, 2006 11:40 AM
I love linux and i love windows. I gotta have my games ;-)
Hanz Kurzweil
,Inglewood, on Aug 08, 2006 01:35 AM
Why does one, with the apprehension of the inconsequential relativism of existential narcissism, expect prepubescent shannaniginisms to quantitatively codify the coitus maximus of foolhardiness?
Dave
,Durban, on Aug 08, 2006 11:27 AM
Why does another, with pontification and prancing, perambulate across the highway of life, leaving foul clouds of gaseous matter from his rectum; or is that his mouth?
JohnG
,Melbourne, on Aug 08, 2006 11:33 AM
Couldn't have put it better myself!
Max
,Portland, on Aug 08, 2006 08:34 AM
Anything is hackable if you're Root. Not all that impressed.
silentphate
,you es eh?, on Aug 08, 2006 11:32 AM
I agree. Running unsigned code from the root account doesn't seem all that impressive.
Anonymous
,Sydney, on Aug 08, 2006 11:20 AM
windows have rebuilt their tcp/ip stack...this is bound to have security holes in it due to its age...Plz...linux/Unix/BSD properly configured will kill windows
ajith
,TVM, on Aug 07, 2006 10:49 PM
MS OSs are crap anyway...
mp3228
,noneya, on Aug 08, 2006 06:51 AM
agreed.
Ado
,Gold COast Australia, on Aug 08, 2006 06:04 AM
Anything is hackable i reckon there is no such thing as perfect code or perfect hardware for that matter, if someone wants in bad enough they will figure it out.
Lex Luther
,brooklyn, on Aug 08, 2006 05:40 AM
Anything can be hacked if need be you're all complete slaves