While Microsoft talked up Windows Vista security at Black Hat, a researcher in another room demonstrated how to hack the operating system.
Joanna Rutkowska, a Polish researcher at Singapore-based Coseinc, showed that it is possible to bypass security measures in Vista that should prevent unsigned code from running.
And in a second part of her talk, Rutkowska explained how it is possible to use virtualization technology to make malicious code undetectable, in the same way a rootkit does. She code-named this malicious software Blue Pill.
“Microsoft is investigating solutions for the final release of Windows Vista to help protect against the attacks demonstrated,” a representative for the software maker said. “In addition, we are working with our hardware partners to investigate ways to help prevent the virtualization attack used by the Blue Pill.”