Vista kernel patch upsets some developers

By Justin Mann on
Microsoft recently released an update to the Vista kernel in an attempt to disable a dangerous security exploit discovered this summer. The patch, while it fixes the primary cause of the exploit, seems to be causing more trouble than it is worth. The source of the problem lied in that user utilities could gain raw access to the hard disk, a feature that many programs (not all of them good) take for granted. The patch removed this feature, but this ended up causing issues with legitimate programs:

Windows Vista Release Candidate 2 frustrates this attack by blocking write-access to raw disk sectors for user mode applications, even if they are executed with elevated administrative rights. Rutkowska writes that Microsoft's fix is fraught with difficulties because it prevents legitimate applications, such as disk editors and recovery tools, from functioning without their own signed kernel-level driver.
As the article brings out, the fix blocks one door, but another could potentially swing open. Instead of using the standard methods, now certain drivers (such as IDE or SATA drivers) may be attacked, looking for a way around the block. According to some, Microsoft was presented with other, easier solutions, but opted for this. Will that be their ultimate choice? If so, it will mean that many programs, such as defragmenters will have to be rewritten in order to function.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.