
Microsoft's Windows Vista Hacked Already?


Last week Microsoft invited hackers at the Black Hat USA 2006 security conference in Las Vegas to hack into Windows Vista after giving them a tour of the upcoming OS's new security features. Hackers at the show came away impressed with both Microsoft's candor and some of the new security features, although many of them added that the improvements were long overdue. But the real news from the show is that Vista was actually successfully hacked the very day that Microsoft made its Black Hat presentation. And that news has to have Microsoft's customers worried.

Sure, Vista's still in beta, but we're in the release candidate (RC) phase of development now, and that supposedly means that the next potential Vista milestone is a build of the product that Microsoft considers a candidate for the final release version. (Reality update: In a bit of name bending, the Vista RC1, still expected this month, will have more in common with a beta release than the final shipping version.)

Windows Vista is feature complete and has been since early this year. Microsoft will no doubt change Vista's security features to prevent the kind of hack that was demonstrated during Black Hat (in which a Polish security researcher used virtualization technologies to bypass Vista's security). But this is exactly the kind of reactive security measure that Microsoft's newly minted and much-ballyhooed security code review was supposed to prevent. It's not hard to imagine other security flaws being exposed after Vista is finalized. What happens then? A monthly deluge of security updates, just as happened with Windows XP.

Joanna Rutkowska, the researcher who demonstrated how to bypass Vista's security, made an interesting comment that pretty much sums up my expectations. "The fact that this mechanism was bypassed does not mean that Vista is completely insecure," she said. "It's just not as secure as advertised. [But] it's very difficult to implement a 100 percent-efficient kernel protection." In other words, Vista will be more secure than XP, but will still face security problems. Thus, the status quo is likely to continue. That's a bad sign.

Rutkowska calls her hack Blue Pill, and it uses AMD's Pacifica virtualization technologies, plus a bit of user interaction--bypassing User Account Protection (UAP) by pressing the Accept button in a dialog box--to pull off its magic. Some people might argue that such a complex series of steps speaks well of Vista's security.

