Windows 8 Bootkit Might Prove 'Secure Boot' Ineffective UPDATED

The creator of 'Stoned Bootkit' is the one behind the latest discovery

By on November 17th, 2011 10:19 GMT

A security researcher promised to unveil the worlds first Windows 8 Bootkit at the upcoming International Malware Conference MalCon that will take place in India on November 25.

According to The Hacker News, Peter Kleissner, an independent programmer and security analyst, will show his findings which might prove that the highly advertised Secure Boot feature in Microsoft's latest operating system is not that reliable.

Kleissner is renowned worldwide after back in 2009, at the USA Black Hat conference, he presented the Stoned Bootkit, an MBR rootkit that was capable bypassing any encryption software that does not rely on hardware-based technologies.

Kleissner believes that if Bootkits are made from an infector, a bootkit, drivers and plug-ins, which represent the payload, a cybercriminal organization can split up into four teams and each of the groups can handle only one part of an attack.

The MalCon conference will also be an opportunity for him to present his latest paper called The Art of Bootkit Development.

All this comes after in September Microsoft proudly announced the Secure Boot feature that should protect Windows 8 against these kinds of threats.

“Secured boot stops malware in its tracks and makes Windows 8 signi´Čücantly more resistant to low-level attacks. Even when a virus has made it onto your PC, Windows will authenticate boot components to prevent any attempt to start malware before the operating system is up and running,” the Redmond company said at the time.

The conference and Kleissner's presentation will probably bring a number of clarifications that will show us if the Secure Boot feature is actually ineffective or if certain conditions have to be met in order for his attack to function properly.

At the time of writing, the researcher's presence was not confirmed at the event due to some VISA issues which need to be sorted out.

Update. Peter Kleissner was kind enough to provide some details, claiming that Microsoft and the members of the UEFI Forum are doing a good job in securing the boot chain.

Even though his new Bootkit, called Stoned Lite, will only work on legacy BIOS boot procedures, the researcher has some ideas of vulnerable points, but some verifications have to be done in order to tell precisely.

2 Comments