Hacker breaks Windows 8 Secure Boot

By on
Hacker breaks Windows 8 Secure Boot

An Austrian hacker claims to have written a bootkit that circumvents a key security feature in Windows 8.

Peter Kleissner, a programmer and security researcher with a history of finding exploits, said he would reveal details of the attack that bypassed Microsoft’s Secure Boot feature at the international malware conference MalCon later this month.

Kleissner previously designed the Stoned Rootkit that can control systems by using a compromised boot loader to intercept encryption keys and passwords in Windows machines.

The researcher claims Stoned Lite could compromise Windows 8, despite Microsoft’s efforts to block bootkit attacks with Secure Boot.

“Stoned Lite's infector is just 14KB in size, including driver and bootkit attacking [Windows] 2000 to 8. Bootkit can be started from USB/CD,” Kleissner said on his Twitter feed.

The researcher said the bootkit didn’t attack the Unified Extensible Firmware Interface that will replace BIOS in Windows 8 and is intended to prevent malware being loaded into the system during boot up, and instead relies on older code in the OS.

“It's not attacking UEFI or Secure Boot, right now it's working with the legacy BIOS only,” Kleissner said.

This article originally appeared at pcpro.co.uk

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © Alphr, Dennis Publishing

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register


The channel is a juicy hacking target - are you improving security?
YES - recent attacks on MSPs spurred us to action
YES - we're ALWAYS improving our security stance
YES - we've noticed new forms of attack
NO - we're confident our past efforts are enough, but are always vigilant
NO - we don't see the need for change at this time
View poll archive

Log In

Username / Email:
  |  Forgot your password?