Windows 8 Boot Security Cracked


An Austrian security analyst has built the first known bootkit that bypasses Windows 8's defenses against installing malware while the operating system is booting.

Peter Kleissner, an independent programmer and recognized security expert, is expected to release his Windows-cracking application at the International Malware Conference (MalCon) in Mumbai, India, scheduled for Nov. 25 and 26.

Microsoft has built into Windows 8 technology that requires authentication of firmware through digital signatures before the programs are allowed to run as the operating system is loading. Firmware is used to wake up the various electronic components in the PC.

Kleissner's bootkit sidesteps the protections to install itself in the Windows kernel, where the application could give a hacker access to the whole system. The Vienna, Austria-based Kleissner has built what he calls "Stoned" bootkits for Windows XP, Vista and 7.

The latest application is only 14 KB, including the driver and bootkit that can attack versions of Windows starting with 2000 through 8, Kleissner said Thursday on Twitter. He may add code that would make it possible to log into Windows 8 using any password. "Nothing new, but nice and fancy," Kleissner said in a tweet. The bootkit can be started from a USB drive or CD.

As the most used operating system in business and the home, Windows is the number one target of malware writers. Kleissner is expected to publish the bootkit's source code, giving Microsoft ample time to plug the security hole.

Microsoft launched in August the Building Windows 8 blog to provide updates on the development of the OS, which is expected to be generally available in 2012. Microsoft is building versions of the OS to run on PCs, tablets and mobile devices.