funsec mailing list archives
Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 18 Oct 2006 10:09:06 -0400
On 10/18/06, Blue Boar <BlueBoar () thievco com> wrote:
Larry Seltzer wrote: > Isn't any operating system vulnerable to hypervisor-based malware? Yes, if you're running on hardware that has a supervisor mode at least one level deeper than the OS itself uses. And you can get to the privilege mode that allows you to load such a hypervisor. For modern OSes and Intel/AMD processors that support their new hardware virtualization feature, you can load a hypervisor module if you can run from Ring 0, aka the kernel. It's decades old on IBM hardware. Or you can consider Windows 95 to be a hypervisor for DOS.
Are all hypervisors considered to be Operating Systems? Are the creators writing their own kernel and such? just wondering, -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Fergie (Oct 17)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Valdis . Kletnieks (Oct 17)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Dude VanWinkle (Oct 17)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Blue Boar (Oct 18)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Dude VanWinkle (Oct 17)
- RE: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Larry Seltzer (Oct 17)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Blue Boar (Oct 18)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Dude VanWinkle (Oct 18)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Blue Boar (Oct 18)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Dude VanWinkle (Oct 18)
- RE: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Larry Seltzer (Oct 17)
- <Possible follow-ups>
- RE: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Larry Seltzer (Oct 17)
- RE: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Fergie (Oct 17)