I wondered when one of these would show up. And I wonder how the new EFI boot mechanism will work with these - is there a chance that this same technique could be "exploited" to dual boot the new Intel Mac's and Windows?
I don't know the answer to that, but I do know that we're certain to find out.
According to a story on eWeek, lab rats at Microsoft Research and the University of Michigan have teamed up to create prototypes for virtual machine-based rootkits that significantly push the envelope for hiding malware and maintaining control of a target OS. The proof-of-concept rootkit, called SubVirt, exploits known security flaws and drops a VMM (virtual machine monitor) underneath a Windows or Linux installation. Once the target operating system is hoisted into a virtual machine, the rootkit becomes impossible to detect because its state cannot be accessed by security software running in the target system.
00:00 /Technology | 2 comments | permanent link