Security Hero Rotating Header Image

BitLocker, TPM Won’t Defend All PCs Against VBootkit 2.0

BitLocker, TPM Won’t Defend All PCs Against VBootkit 2.0

Trusted Platform Modules and BitLocker Drive Encryption can protect Windows 7 computers against a bootkit attack unveiled last week but these technologies won’t be available on a large portion of computers, leaving millions of users unprotected when Microsoft releases its next version of Windows.

VBootkit 2.0 is proof-of-concept code that was unveiled by security researchers Vipin Kumar and Nitin Kumar, of NVLabs, at the Hack In The Box (HITB) security conference held in Dubai last week. The code, which is just 3KB in size, allows an attacker to take control of a Windows 7 computer by patching files as they are loaded into the system’s main memory. Because no software is modified on the computer’s hard disk, the attack is nearly undetectable.

VBootkit 2.0 is an updated version of an earlier tool, called VBootkit 1.0, that can take control of a Windows Vista computer by a similar method.


Leave a Reply

Your email address will not be published. Required fields are marked *