Results 1 to 6 of 6

Thread: Microsoft warned of a new generation of spyware that is almost impossible to detect

  1. #1

    Default Microsoft warned of a new generation of spyware that is almost impossible to detect

    Kernel Rootkits could be the next bad thing

    By Nick Farrell: Friday 18 February 2005, 08:25
    A HITHERTO OBSCURE security expert and software colossus, based in Redmond and called Microsoft has warned of a new generation of spyware that is almost impossible to detect.

    According to Computerworld, Volish experts told the RSA security conference that system monitoring programs, or "kernel rootkits", are undergoing a transformation at the moment.

    Mike Danseglio and Kurt Dillard, both of Microsoft's Security Solutions Group said that the malicious snooping programs are becoming more common and could soon be used to create a new generation of mass-distributed spyware and worms.

    Rootkits run quietly in the background and can be spotted by looking for memory processes that are running on the infected system.

    However, kernel rootkits, which modify the kernel, or core request processing, component of an operating system, are becoming more common, Vole says.

    Newer rootkits can intercept system calls that are passed to the kernel and filter out queries generated by the software. This makes them invisible to administrators and to detection tools, says Danseglio.

    Microsoft researchers have developed a tool, named "Strider Ghostbuster" that can detect rootkits by comparing clean and suspect versions of Windows and looking for differences.

    However the paper admits that the only way to be sure that you have killed a kernel rootkit is to completely erase an infected hard drive and reinstall the operating system from scratch.

    Read more

  2. #2
    Senior Member
    Join Date
    Jul 2002
    Location
    Planet Eropagnis
    Posts
    2,944

    Default

    Da whole OS is an undetectable spyware by itself.... Still need wad 'Kernel Rootkit'?

  3. #3

    Default

    Quote Originally Posted by jsbn
    Da whole OS is an undetectable spyware by itself.... Still need wad 'Kernel Rootkit'?
    Gallery | Facebook Page Spreading the Good photography.

  4. #4

    Default

    An unremovable Spyware? You mean like IE ?

  5. #5
    Senior Member sammy888's Avatar
    Join Date
    Sep 2004
    Location
    Singapore, Singapore, Singapor
    Posts
    1,568

    Default

    LOL....

    Tat is a good one! hahaha....

  6. #6

    Default

    could the warning be because of this >>>

    >>Microsoft has bought two antivirus companies and an anti-spyware company--the latter acquisition has already produced an anti-spyware application for Windows--since Chairman Bill Gates launched the Trustworthy Computing Initiative. That effort changed the company's coding practices to make security developers' first priority. <<<

    instil fear and make more moolah.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •