On Thursday, at the HITB ( Hack in the Box Security Conference ) in Dubai, security researchers made a demonstration on how to take control of a computer running Microsoft Windows 7 beta. Vipin Kumar and Nitin Kumar developed a software called VBootKit 2.0 and used it to control a Windows 7 Virtual Machine.
The researchers demonstrated how the software works and managed to take control of the computer while it was booting. They also said that there is no fix for the issue, being a design problem. VBootKit 2.0 exploits a security issue and needs physical access to the computer, not being able to take control of it remotely.
VBootKit 2.0 does not change any files in the operating system and is only 3KB in size, so it’s really hard to detect. Also VBootKit 2.0 will lose control over the computer after it is rebooted.
The software is also able to grant itself the highest privilege level and change the administrator’s password so it can take control of everything on the computer. Afterwards, the password is changed back so the user will not notice anything strange happening.
Vipin Kumar and Nitin Kumar also developed the first version of VBootKit for Windows Vista and it’s able to take control of the computer remotely.