SyScan'06 Highlight - Attacking Microsoft New Operating System (Vista)

[thomas48 <thomas48 () singnet com sg>]

This is a brand new presentation and its going public for the very first 
time in SyScan'06.

Joanna Rutkowska, a senior researcher of COSEINC Research, will present 
her latest technique in bypassing and attacking the latest Mircosoft 
Vista operating system kernel.

The presentation will first present how to generically (i.e. not 
relaying on any implementation bug) insert arbitrary code into the 
latest Vista Beta 2 kernel (x64 edition), thus effectively bypassing the 
(in)famous Vista policy for allowing only digitally singed code to be 
loaded into kernel. The presented attack does not requite system reboot.

Next, creation of Stealth by Design malware for Vista x64 will be 
briefly discussed. This will be the base for introducing the new 
approach (codenamed 'blue pill') for writing undetectable malware on the 
latest AMD64 processors. The ultimate goal is to demonstrate that is 
possible (or soon will be) to create an undetectable malware which is 
not based on a concept, but, similarly to modern cryptography, on the 
strength of the 'algorithm'.

A working blue pill will be demonstrated.

Please visit www.syscan.org for more.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/