Anti-rootkit safeguards and methods of their bypassing presented at Virus Bulletin 2006

by Aleksander Czarnowski (Avet),

Tags: Security

URL : http://www.virusbtn.com/conference/vb2006/abstracts/Czarnowski.xml

Summary : With the XP and 2003 lines of the Windows operating system Microsoft introduced several
safeguards aiming at protecting the system form malware including rootkits. This paper will
look into the technical aspects of those safeguards, analyse their efficiency and weaknesses.
In addition, the impact of the introduction of these safeguards on rootkit technology will be analysed.
Secondly, further safeguards proposed and included in the x64 platform and Vista operating system
will be inspected.
All of this is done to try to answer the simple question: is the era of
kernel rootkits coming to an end on Windows platforms?