Windows 8 bootkit demo video released

 

Microsoft designed Windows 8 with added security measures that, in theory, would prevent hackers from booting its latest operating system without certain protocols in place. Now one person has demonstrated in a new video that he can defeat Microsoft's User Account Control on Windows 8 with a 14KB bootkit called Stoned Lite.

The video comes from a security researcher named Peter Kleissner who, as we previously reported, had already announced his plans to release a bootkit for Windows 8 earlier this week. He made the video as part of the presentation for the MalCon conference in Mumbai, India. Kleissner has previously released a bootkit called Stoned for Windows XP, Windows Vista, Windows 7, and Windows Server 2003 that installed into the OS's kernel in order for the user to gain full access to even encrypted drives within the PC.

This new bootkit does not attack Windows 8's UEFI or secure boot features, according to Kleissner. He also claims to have informed Microsoft about his new Stoned Lite bootkit in advance of the MalCon conference. While he has released a paper and presentation about the new Windows 8-targeted bootkit on his official web site, the actual source code for Stoned Lite has yet to be released to the public.


24 Comments


There is one important thing in the whole of this subject: YOU MUST MAKE CHANGES AND THEN REBOOT for it to take effect.
WHO is going to be stupid enough to make those changes in the first place, that is why Windows asks you "Do you wish to make these changes?"
Anyone with a brain would say "NO" !!!

So, let me get this straight. A bootkit that doesn't modify UEFI but ONLY the old BIOS defeats Windows boot-up protection, which doesn't come into play when not using Secure Boot IN CONJUNCTION with UEFI.

So what you're telling me is a standard bootkit on a standard Windows install can be owned flawlessly.

Just so you know, Ars Technica was called on this too.

smooth3006 said,
I vomit every time I see that horrid UI.

Don't worry, as Google continues to copy the UI concepts (as they are doing) and other companies like Apple start adopting the UI, you, like most people, will think it is so beautiful, and then give the credit to Apple and Google.

Windows 3.0, Windows 95, Windows XP, and Vista were also called 'ugly', then as they were copied by others, everyone considered the UI pretty as long as they didn't have to give credit to Microsoft.

thenetavenger said,

Don't worry, as Google continues to copy the UI concepts (as they are doing) and other companies like Apple start adopting the UI, you, like most people, will think it is so beautiful, and then give the credit to Apple and Google.

Windows 3.0, Windows 95, Windows XP, and Vista were also called 'ugly', then as they were copied by others, everyone considered the UI pretty as long as they didn't have to give credit to Microsoft.

There is nothing wrong with people liking or disliking something; I loved the Ribbon right away, and I do not dislike the W8 tiles, although I am not a diehard fan of the "Touch" mantra, at least not on computers (Real Tablet included); smartphones are a different story though.
I think and hope that the W8 UI will improve and some questionable things, like the paradigm that every window has to be full-screen by default, the lack of the option to close a window, etc., will be corrected.

Personally I still find this one of the best GUI concepts ever:

http://www.youtube.com/watch?v=iXzY2EU023Y

The fact that each and every company copies from the competition is nothing new and happens in every industry. No one is innocent, not even Microsoft, which got inspired by Lisa and Macintosh; the latter were, again, inspired by the Xerox Alto and the Xerox Star developed at Xerox PARC.

The bottom line is that having a great idea is only a segment of the process: delivering it in a commercial product and marketing it in the right way are fundamental steps as well.

djdanster said,
So by releasing these bootkits I take it he's a blackhat hacker and not a whitehat?

Actually not, because he notified Microsoft about what he found...

This is old news. Furthermore:

- it's irrelevant given that Windows 8 is only a developer preview
- UEFI's security has been compromised, not Windows.

jakem1 said,
This is old news. Furthermore:

- it's irrelevant given that Windows 8 is only a developer preview
- UEFI's security has been compromised, not Windows.


But that program was clearly able to modify system settings and files despite UAC being on with default settings, and it didn't bat an eyelid... isn't that the point?

jakem1 said,
This is old news.

Just because you read it before doesn't mean it's "old news". This is the first time I've heard of it.

.Neo said,

Just because you read it before doesn't mean it's "old news". This is the first time I've heard of it.

The news has been posted on Neowin before, but this video hasn't.

jakem1 said,
This is old news. Furthermore:

- it's irrelevant given that Windows 8 is only a developer preview
- UEFI's security has been compromised, not Windows.


This bootkit only attacks Windows on old-BIOS systems.

jakem1 said,
This is old news. Furthermore:

- it's irrelevant given that Windows 8 is only a developer preview
- UEFI's security has been compromised, not Windows.

You should read the article again.

"This new bootkit does not attack Windows 8's UEFI or secure boot features, according to Kleissner."

TCLN Ryster said,

But that program was clearly able to modify system settings and files despite UAC being on with default settings, and it didn't bat an eyelid... isn't that the point?

No. What you saw just happen was a system using BIOS and not UEFI boot Windows and stay out of Windows' control while doing what it wants to Windows. Windows 8 needs UEFI with Secure Boot to start the chain of trust; BIOS doesn't do that.

TCLN Ryster said,

But that program was clearly able to modify system settings and files despite UAC being on with default settings, and it didn't bat an eyelid... isn't that the point?

The compromise is happening 'below' Windows; when software is running under an OS, it has complete control over the OS, able to circumvent, change/modify, mimic or avoid any action in the OS.

This has NOTHING to do with Windows security beyond the upper layer application tapping the 'rooted' code running, which can be written for ANY OS.