“Unfortunately, all the Windows NT family (including Vista) still have the same security flaw — MBR [Master Boot Record] can be modified from usermode. Nevertheless, MS blocked write-access to disk sectors from userland code on VISTA after the pagefile attack, however, the first sectors of disk are still unprotected… At the end of 2007 stealth MBR rootkit was discovered by MR Team members (thanks to Tammy & MJ) and it looks like this way of affecting NT systems could be more common in near future if MBR stays unprotectedHere is some more Tech News from around the web:
- Mass Hack Infects Tens of Thousands of Sites @ Slashdot
- Cryptographically Hiding TCP Ports @ Slashdot
- Hacking Your Xbox 360 Fan @ ExtremeTech
- HOW TO – Noise-reduce your HDD @ MAKE:Blog
- Most new PCs shipped without Windows Vista in 2007 @ The Inquirer
- More Bad News for HD-DVD. Now Paramount @ PC Mechanic
- How To Become a Web Host @ Technibble
- What Works and What Doesn’t When Trying To Get a Tech Job @ PC Mechanic
Master Boot Record pwnage
Slashdot has linked to an article that covers an MBR rootkit that was found in the wild at the end of ’07. Sporting such wonderful features as the ability to be undeleteable, short of repairing your MBR; as well as undetectable through your registry or file system, this could be a bad time to be a hard drive. Unless the MBR moves to a more secure mode this vulnerability cannot be fixed, and who knows what effect having a protected MBR would have on the formatting process.
