Saturday February 11, 2012 9:10 AM AEST

Atomic MPC > News > Build > Operating Systems > Windows 7 already inherently flawed

Windows 7 already inherently flawed

By Justin Robinson
10:40 Apr 27, 2009 | 17 Comments
Tags: Windows | 7 | unfixable | hack

Essential Linkage: Windows 7 has an unfixable hack/exploit?

Everyone has heard of the latest Microsoft cash cow, Windows 7, and you've probably heard that we're excited for it - so much in fact that we sit here and daydream about it.

It seems that even though it looks to be everything that Vista should have been, it's not without problems.

A security team at Hack In The Box (HITB) in Dubai announced last Thursday that a simple exploit can be run in a very sneaky way to gain control over the entire boot process, and ultimately the computer.

It works by piggybacking on to boot files, and loads itself into the system memory upon boot to change files. As there is nothing written to the HDD it's almost impossible to glean any information about the presence of the bug at all.

Amazingly the actual hack (called VBootkit 2.0) is only 3KB in size, and is only compatible with Windows 7, but also cannot be fixed thanks to how the OS was coded.

Head to NetworkWorld for more on this, and fingers crossed we don't get inundated with hacks at launch.

Behind the scenes with Mass Effect 3! GTX 560 VGA round-up! Essential Skyrim tweaks to improve your game! Plus reviews, news, hardware, more games, and easy to following modding guides for PC builders. ON SALE NOW!

Ads by Google

17 Comments

Trekker Apr 27, 2009 12:44 PM	shit this i not a good start to my hopeful xp successer
.:Cyb3rGlitch:. Apr 27, 2009 12:46 PM	"but also cannot be fixed thanks to how the OS was coded" It's still in development, they could fix it if they really wanted to.
ahsoka Apr 27, 2009 12:53 PM	Is this as dangerous as the at 24hourTime1minuteAheadOfWhatItIsNow /interactive "cmd.exe" bug in XP that Microsoft still hasn't fixed?
CptnChrysler Apr 27, 2009 2:17 PM	Let's see now. You need physical access to the machine, no files are written or altered on the hard drive so a reboot will remove the hack. I'm not seeing too much of an issue here for 99% of users. If an attacker has physical access to you machine your 'rooted' anyway.
matt110 Apr 27, 2009 4:42 PM	"For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely." It's no big deal.
ahsoka Apr 27, 2009 6:52 PM	CptnChrysler, and matt110: you'd be surprised how easy it is to gain physical access to a computer, especially in large buildings.
strifus Apr 27, 2009 7:22 PM	Ashoka, if there are security measures in place, then people shouldnt be gaining access in the first place. Read here that the hack is essentially on a virtual machine and also, if youve been in the IT business long enough, which I assume you have been, most OS's have a vulnerability of some sort somewhere in the code. I am tending to agree with chrysler on this one...in 99% of cases, its not much of an issue.
Periander Apr 27, 2009 7:29 PM	Heh, with enough time and physical access, you could hack anything, probably far more easily than this.
Tezlin Apr 27, 2009 10:09 PM	For a homePC, I'm thinking that physical access won't be too much of a problem. At a business office, with hundreds of computers, there is a large chance that someone could have an urge....unless all the businesses stick with XP. >.>
Lazzarus2nd Apr 28, 2009 2:47 AM	Wheeeee!! Long Live Vista! The operating system I have no problems with what-so-ever.
B82R3S Apr 28, 2009 10:10 AM	yeah, seeing as its not a remote exploit im not fussed
battlefield_gir Apr 28, 2009 10:17 AM	I would love to learn how to hack, to find flaws and ways around things, like a virtual rubix cube with a virtual screwdriver to open it up etc. Would be a great puzzle.
Khirareq Apr 28, 2009 11:55 AM	And if it is a large Business scene - Stiff shit to the "big business" that thinks storing data on local machines is a good idea In a big business enviroment, gaining access to a machine shouldnt mean shit anyways - Should still need a valid account to gain access to servers and network resources
ahsoka Apr 28, 2009 1:36 PM	strifus: no, I haven't been in the IT industry at all. But speaking from my own personal experience, it is often ridiculously easy to get into places you're not meant to get in to. Trust me on that :)
Periander Apr 29, 2009 6:50 AM	Can I have my DVD player back please ahsoka?
Kastoli Apr 30, 2009 11:18 AM	I guess we'll see when they finally release it if it tops good ol' xp.
fliptopia Apr 30, 2009 9:01 PM	ok it needs physical access now but how long before a rootkit style virus gets on your computer, hides itself and loads this on startup every time. It's going to be a pain in the arse if that sort of thing happens.

Comments have been disabled on this article.

Latest Competitions

Thermaltake kicks off your gaming year with a BANG
Thermaltake has started off the new year with a bang by giving away a Tt eSport Theron Laser mouse to not one or two, but TWENTY lucky Atomicans!

Atomic Magazine

Issue: 133 | February, 2012

Atomic is a magazine aimed squarely at computer enthusiasts, gamers, and serious PC upgraders.

Every month we bring you the latest reviews of new technology and PC components, in depth features on everything from overclocking to console hacking, and gaming previews and interviews.

What's in this issue?