In the second part of his presentation, Rutkovskaya explained as using virtualization technology can be run malicious code undetected, like work rootkit. She called it malicious code "Blue Pill", reports ZDNet.

"Microsoft is looking for a way to protect Windows Vista demonstrated by the attack. Also, we are working with our partners-equipment producers to prevent such attacks virtualization as Blue Pill, "said a company representative.

At Black Hat Microsoft Windows Vista copies distributed to all visitors to the conference. The company continues to receive feedback testers of the new OS, which is planned output for January.

Presentation Rutkovskoy assembled a full hall, despite the fact that it was held on the last day of Black Hat. For the purposes of their research analyst Coseinc used earlier versions of Windows Vista.

As one of the security measures in the 64 - bit version of Windows Vista has been added mechanism block unsigned drivers. But Rutkowska found a way to circumvent the launch of the code block. Unsigned drivers could potentially pose a serious threat, they are almost entirely poskolku have omitted security system OS, acknowledged experts.

"The fact that the mechanism has been overlooked, does not mean that Windows Vista is not secure. Simply it is not as safe as it is advertised. It is very difficult to create a 100% protection to the kernel, "said Rutkowska.

To realize such attacks Windows Vista to work in administrator mode, Rutkovskaya stressed. This means that its attack could only take place in case of disconnection UAC - the basic security features to Windows Vista. UAC is the main weapon to prevent Microsoft launch malicious code, which could lead to serious problems of the user using the administrative regime, typical of Windows XP.

When asked how she managed to bypass the UAC, Rutkowska said: 'I just confirmed effect. " Since UAC raises too many warning pop-ups, many users will confirm its actions do not particularly think about their actions, says Joanne.

Microsoft said Windows Vista as its most secure operating system for all history. This is the first client version of Windows, which was established in accordance with the full cycle development of a safe (Security Development Lifecycle) - process, which should help to identify holes before finishing product.

"In Windows Vista built multilevel system of protection, including a firewall that works in standard user mode, protected mode IE, support technology / NX, ASLR, which protect against accidental launch of the code-level administrator", the representative of Microsoft.

After his presentation, demonstrated the proper establishment Rutkowska malicious code Blue Pill. Technology, which uses Secure Virtual Machine (Pacifica) of AMD helped hacking protection.

Blue Pill can serve during the black for hackers, said Rutkowska. While it was originally designed for Windows Vista and AMD technology, it can also work on other operating systems and other equipment. "Some people think that my job sponsirovana Intel, as I am focused only on AMD virtualization technology," said Rutkowska, adding that it is a lie.