Results 1 to 2 of 2

Thread: VM Rootkits: The Next Big Threat?

  1. #1
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Watching Your every move...

    VM Rootkits: The Next Big Threat?,1895,1936666,00.asp

    Lab rats at Microsoft Research and the University of Michigan have teamed up to create prototypes for virtual machine-based rootkits that significantly push the envelope for hiding malware and that can maintain control of a target operating system.

    The proof-of-concept rootkit, called SubVirt, exploits known security flaws and drops a VMM (virtual machine monitor) underneath a Windows or Linux installation.

    Once the target operating system is hoisted into a virtual machine, the rootkit becomes impossible to detect because its state cannot be accessed by security software running in the target system, according to documentation seen by eWEEK.

    The prototype, which will be presented at the IEEE Symposium on Security and Privacy later in 2006, is the brainchild of Microsoft's Cybersecurity and Systems Management Research Group, the Redmond, Wash., unit responsible for the Strider GhostBuster anti-rootkit scanner and the Strider HoneyMonkey exploit detection patrol.

    *Lots more at the link*

  2. #2
    Near Life Experienced TZ Veteran zipp51's Avatar
    Join Date
    Oct 2002
    Is that VM Microsoft's version or VMware's version of the virtual machine?VMware says their version is virus proof.
    The definition of insanity is doing the same thing over and over again and expecting different results.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts