New defense mechanism Windows 8.1 can be hacked - experts
The next generation of Microsoft PatchGuard (or Kernel Patch Protection) to protect key components of Windows 8.1 has significant enhancements that prevent hacking attacks. However, the results of the safety analysis conducted by experts from the Research Center Positive Research, suggests a number of weaknesses that allows an attacker to bypass these mechanisms to implement and even completely neutralize the system of protection.
A study Brand Ermolova and Artem Shishkin, published on the website Positive Technologies, provides several attack scenarios, allow compromise KPP. Potential attacker with sufficient qualifications, can write a driver that will selectively apply one or more of the techniques and thus completely blocking mechanisms KPP, allowing you to make modifications to the structures and unimpeded kernel code. In his work, experts note that PatchGuard is nevertheless very promising tool for the protection and laid him in mechanisms contribute significantly to the stability of the system.
Also stresses that innovations of this instrument are demanding more skill the attacker to determine workarounds: the development of KPP elements were used obfuscation using macros and other anti-debugging techniques prevent the reconstruction code, and also introduced technology virtually eliminates static analysis.
.jpg)
