For the first time in a LONG time...a NEW exploit



John L
04-29-2007, 08:25 PM
In case you didn't know, the computer security world changed a few weeks ago. This is the first really NEW exploit method in about 4 years (Last one I recall was Melissa)...

http://www.theregister.com/2007/04/26/vbootkit_authors_interview/

Read the article a few times. The implications are staggering.

DaveM
04-29-2007, 11:08 PM
Another nail in the coffin of Windows Vista? Or just a stake through the heart of the Microsoft plan for world domination?

RedjackRyan
04-30-2007, 04:03 AM
Thanks John, I missed this article.

aabram
04-30-2007, 06:36 AM
Thanks John. So now you know, Darlene. :eek:

Annabel

paularoid
04-30-2007, 06:52 PM
I noticed in the article that those two individuals said that most antivirus progs don't scan for boot viruses anymore. It should be noted that the free AVG antivirus that I've always pointed out the existence of DOES indeed scan for boot malware and it shows the progress of such as the system boots.

John L
05-01-2007, 08:59 PM
And think. If the kernel can be patched on boot, you can also take a scanner offline before the next boot. Depending on what sort of attack you are performing, you might also ignore the boot sector completely....patch it once, make a change to the TCP stack, telnet stack, or *whatever*. Reboot and the exploit vanishes. Then you are one PXE boot (network initiated..Can you say "Wake on LAN"?) from owning the system whenever you need it...and all the scanners in the world won't stop it.

Also, note the bit that it could potentially be flashed right into a BIOS. That loads before the boot sector, and I don't want anti-virus prodding my BIOS even if it can...

The real fix (TPM module on the system board) is as scary as the vulnerability itself if you are as big-brother-paranoid as I am...

Scanners are not the answer, any more than running to the doctor for another shot in the butt because you keep getting the clap is a viable healthcare plan. Scanners have their place, but it would be a helluva lot better to just not use a compromised platform in the first place...

paularoid
05-01-2007, 10:20 PM
In all honesty the -only- way to completely foolproof your system is to never get on the internet and never introduce new data to it in any way. :( No email. No internet. No new software from anywhere in any way unless you produce it yourself on that very system. Better to just not have a computer system at all and then you never have to worry about such things.