'Purple Pill' Exposes Unpatched Flaw Affecting ATI & Vista

A security researcher developed a proof-of-concept utility called Purple Pill designed to demonstrate a method for circumventing Vista's kernel and anti-rootkit defenses and smuggle malware via device drivers. What he didn't realize, until after he released it, is that Microsoft has not yet patched this hole, and that drivers from video display card manufacturer ATI are impacted. A large percentage of Vista computers, and possibly as much as half of the Vista laptops, rely on ATI drivers so the inadvertent release of Purple Pill poses a problem for both Microsoft and ATI. For more details about the flaw in Vista and the Purple Pill utility, read ATI driver flaw exposes Vista kernel from The Register.

Source:
http://netsecurity.about.com/b/a/256881.htm

Trackbacks

Trackback URL for this entry is: http://blog.case.edu/lou.changeri/mt-tb.cgi/14888

Comments

Post a comment





If you have entered an email address in the box, clicking this checkbox will subscribe your email address to this entry so that you are notified if any updates or additional comments occur on the entry.