An article written by researchers Christophe Devine and Damien Aumaitre of the European Security Expertise Center claims that hackers might penetrate the 64-bit edition of Windows 7 by going after kernel code stored within the PC’s physical memory. The good news is that a hacker would require direct, physical connection with a system to carry out the invasion.
The investigation leading to the article incorporated using a PCMCIA card gadget that enclosed a custom DMA engine running on a MIPS CPU. The gadget was capable to gain access to the Windows 7 kernel code, modify it, and afterward acquire control over the operating system. This means that the central processing unit as well as OS were bypassed, powerless to avoid malicious DMA requests.
The method isn’t something new: additional researchers have been able to obtain access to Windows XP as well as older versions of Mac OS X through tapping into the system’s DMA using other ports. However the DMA engine used by the recent ‘hacking’ gadget had to be rebuilt from scratch thanks to main changes to Windows 7. Now the lone way to carry out the hack in the present OS is to gain access to the memory using PCMCIA.
Devine and Aumaitre said that the hack can be prohibited through deactivating the PCMCIA driver. Another way of defense is via using an input/output memory management unit (IOMMU)–this can defend physical memory from interferences from devices. Many new CPUs by now contain this technology.
The research, called Subverting Windows 7 x64 Kernel with DMA Attacks, will be accessible at the Hack in the Box security conference (June 29 – July 2). Microsoft has not issued a announcement in regards to this Windows 7 vulnerability.
Source: www.tomshardware.com
One Response to “Windows 7 will let your memory get hacked”
if this is true then windows should do something about it.
or they may already have it fixed on their security patches. I just wish!