Vista DRM could hide malware

A security researcher has released a proof of concept program that hackers could use to exploit Windows Vista digital rights management processes to hide malware.

Alex Ionescu claims to have developed the program D-Pin Purr v1.0 that will arbitrarily enable and disable protected processes in Vista, Microsoft's latest operating system.

Screenshots on Ionescu's blog suggest the program can be run successfully. Ionescu included stack information related to one of the processes that is by default protected on Vista. Try to retrieve that information using Process Explorer and you get an error message. In Ionescu's screenshot, taken after allegedly removing the protection, the information is visible. Vista DRM could hide malware - ZDNet UK

Linked by shanmuga Friday, 13th April 2007 1:11AM