Windows RT jailbreak tool released

A few days ago, a software creator known only by his handle "clrokr" figured out a way to allow Microsoft's closed Windows RT operating system to run unsigned ARM-based desktop applications, at least temporarily. Now, another programmer has released a tool that automates this jailbreaking process on Windows RT.

The software creator, known as "netham45", released the batch file earlier today on the XDA Developers website. The exploit itself works by modifying a specific part of the Windows RT system kernel, which then lets users change the minimum signing level so that unsigned apps can run on the OS.

Microsoft has previously stated that while the company does "applaud the ingenuity" that it took to create the jailbreak mod in the first place, this hack must be used every time a Windows RT system starts up. This is because the operating system's UEFI Secure Boot process currently keeps the minimum signing level from being altered on a permanent basis. Microsoft has also said that this mod "... is not a security vulnerability and does not pose a threat to Windows RT users."

It's more than likely that Microsoft is working on a way to close this current loophole in Windows RT, even if the exploit is not a serious one.

Source: XDA Developers via The Next Web | Jail image via Shutterstock


32 Comments


ingramator said,

Firefox is open source mate, we don't require the initial devs to port it! Likewise with the chromium project it will take a bit of work but we'll get there! No company is going to start releasing ARM compiled versions of their software but you can sure as hell bet that a crowd of devs/hackers will recompile a lot of OSS!


Yes, rogue developers could do anything, but it will not be Mozilla. Open-source or not, Mozilla themselves can choose to work or not to work.

http://news.cnet.com/8301-1023...firefox-64-bit-development/

I do think it's adorable how easy it is to get post likes just by waving the open source flag, though.

LauRoman said,
Those are already available compiled for arm and probably have been for a very long while, just not for the inbred that is RT, not really compatible with 8 or phone 8.

You are confusing coding and compiling. They are recoded for ARM already.

However, they have NOT YET BEEN COMPILED for Windows 8 ARM.

(This is the same reason a x86 binary from Linux won't run on Windows 8 x86.)

PS Calling Windows RT inbred, is highly inaccurate. Code wise, Windows RT and Windows 8 are fairly identical, just compiled for different architectures. Additionally Windows Phone 8 is identical on most levels, with the added WP application platform running on top. (Windows NT is Windows NT is Windows NT - and code wise is closer from ARM to x86 to x64 than a distribution of Linux compiled separately for ARM and x86.)

Once someone can make a more permanent jail break that you'd just have to run once I don't see this being used too much. It's a start though.

It's a batch file, can't you just stick it in your scheduled tasks to run on startup?

I just checked on my Surface RT and the task scheduler is indeed present and correct and can run tasks at startup, whether or not a user is logged on, and with "highest privileges".

Edit: Just read the instructions, seems a press of the volume key is required at one stage. Wonder if that could be automated in software somehow? Or if it requires the physical key press.

Edited by Ryster, Jan 11 2013, 12:02am :

TCLN Ryster said,
It's a batch file, can't you just stick it in your scheduled tasks to run on startup?

I just checked on my Surface RT and the task scheduler is indeed present and correct and can run tasks at startup, whether or not a user is logged on, and with "highest privileges".

Edit: Just read the instructions, seems a press of the volume key is required at one stage. Wonder if that could be automated in software somehow? Or if it requires the physical key press.

Just a tip from his post (on XDA):

netham45 said,

F.A.Q.
Q) I keep BSoD'ing! What's up?
A) I haven't managed to track down the cause of the BSoDs, except that they seem to happen when the exploit is run within the first minute or so of the tablet booting and logging in. If you're getting BSoDs, boot your tablet to the desktop and wait 2 or 3 minutes before trying the exploit.

Mine's already jailbroken from the old process but I tried his batch file and it works fine. I didn't get a BSOD with the automatic method, but then again I've only done it once. Anyway, this is an awesome breakthrough. It's not entirely necessary that it be permanent because all it takes is for me to run my one custom shortcut and it's jailbroken! I'm working on recompiling some OSS and hopefully a collection can be made! PM me if you have any that you have compiled.

ccoltmanm said,
Cool that Microsoft is cool with it.

This jailbreak is because of MS, they knew about it before it was found and left it open (for now).

TechieXP said,
Sarcasm...right?

Actually they are correct. Users with administration level security can in essence modify whatever they want. The 'lock down' is fairly artificial technically, as it is just settings in Windows that are initialized at load.

I really wish we didn't use the term "jailbreak" with platforms like Windows or Android. It simply doesn't fit. Android for example is wide open and allows for full 100% customization of the software. Rooting, which is NOTHING like jailbreaking, only allows for the device owner to install different ROMs. Jailbreaking doesn't install any ROMs. It simply changes the file structure of the iOS and the permissions needed to allow the software to be able to do things Android already can do natively.

Windows RT like iOS is closed, that is why they have a pro version which allows for installation of apps you want. Why waste time running ARM versions of apps when you can have the full thing on x86 without doing any work? Seems lame.

Firefox ARM which obviously is avail on Android, which won't run right now on RT, is kinda lame compared to its x86 counterpart. I am always amazed at how the hackers find ways to get around locks and chains. But some of it seems to be pointless. This is one of them.

TechieXP said,
I really wish we didn't use the term "jailbreak" with platforms like Windows or Android. It simply doesn't fit. Android for example is wide open and allows for full 100% customization of the software. Rooting, which is NOTHING like jailbreaking, only allows for the device owner to install different ROMs. Jailbreaking doesn't install any ROMs. It simply changes the file structure of the iOS and the permissions needed to allow the software to be able to do things Android already can do natively.

Windows RT like iOS is closed, that is why they have a pro version which allows for installation of apps you want. Why waste time running ARM versions of apps when you can have the full thing on x86 without doing any work? Seems lame.

Firefox ARM which obviously is avail on Android, which won't run right now on RT, is kinda lame compared to its x86 counterpart. I am always amazed at how the hackers find ways to get around locks and chains. But some of it seems to be pointless. This is one of them.

Agreed, however...
People climb mountains because they are there..
