By EVA
Microsoft officially intends to find a suitable solution for Windows Vista that will be able to protect the product from the potential threat.
At the Black Hat conference, Rutkovskaya, a security expert at the Singaporean company COSEINC, showed a way to bypass the integrity check on unsigned code and load that code into the Vista kernel. She then presented Blue Pill, a rootkit she created based on AMD's (Advanced Micro Devices) Secure Virtual Machine technology.
During a demonstration of bypassing the device driver authentication mechanism that Microsoft has included in Vista to prevent the loading of viruses, Trojan horses and other unauthorized software, Rutkovskaya said: "The fact that the mechanism has been overlooked does not mean that the whole of Vista is not secure. It simply is not as safe as stated in the advertisement." She added: "It is very difficult to create 100% effective protection of the kernel in any common operating system."
In the second part of the presentation at the Black Hat conference, Stealth, a prominent expert on rootkits, described in detail the capabilities of Blue Pill, which allow a computer to be compromised and give attackers a loophole in its security. Although designed for Vista, Blue Pill could easily be adapted to other platforms.
So far, Blue Pill is impossible to detect, Rutkovskaya said, although she is continuing to study ways of detecting the rootkit. She said that detection software may not be effective, and that hardware installed in the computer can detect or prevent an attack based on the Blue Pill rootkit.
Seriously
Austin Wilson, chief of user support at Microsoft, said that the company considers Rutkovskaya's statements sound and is already considering ways to address the problem.
Wilson also noted that Rutkovskaya's attack, which bypasses the integrity check on unsigned code, requires the attacker to be logged in to Vista with system administrator rights. "If you are logged in with the rights of a standard user, it does not work," he said. "But we are still looking for options for blocking attacks of this type."
In her presentation, Rutkovskaya suggested several ways that Microsoft could solve the problem of verifying the integrity of unsigned code, and Microsoft intends to consider them.
But, in spite of the situation, Microsoft will not postpone the release of Vista, even if it is unable to find a solution to this issue.
Microsoft is not serious about the rootkit problem with Blue Pill. Wilson also said: "We are looking for ways to solve this issue and look forward to doing so in the final version of Vista." Microsoft also noted that it is not addressing the issue alone, but together with Intel and AMD.
"What it showed us is a reasonable and credible threat," said Wilson.
The other side of the virtual machine and the rootkit is that the virtual machine and its control program provide top-level management of the operating system and can also be seen as a security mechanism in future versions of Microsoft operating systems. "If we consider the issue from the server, the virtualization could allow multiple operating systems to run on the server," said Wilson. But such a prospect will take several years to introduce, because so far Microsoft products are very common.