Vista DRM = rootkit?

A security researcher has released a program that shows how digital rights management processes in Windows Vista could be used to hide malicious software, rootkit-like behavior. Alex Ionescu developed the program, called D-Pin Purr, to show that Vista features designed to protect media files can also be used to protect other kinds of files. This […]

A security researcher has released a program that shows how digital rights management processes in Windows Vista could be used to hide malicious software, rootkit-like behavior. Alex Ionescu developed the program, called D-Pin Purr, to show that Vista features designed to protect media files can also be used to protect other kinds of files. This could also include malicious software.

"It is trivial to make a process protected or unprotected by bypassing all the code integrity checks and sandbox in which protected processes are supposed to run," Ionescu wrote. "I think it's time to signal a wake-up call to all the developers who were counting on simply ignoring protected processes and assuming they're legitimate media applications."

View: Full post

Microsoft, Windows Vista, DRM, Vista DRM, Rootkit, Security, Researcher