FYI...

- http://www.informationweek.com/shared/printableArticle.jhtml?articleID=191800426
Aug. 4, 2006
"Microsoft can add a new item to its checklist of security issues that must be ironed out before Windows Vista ships early next year. Under the right conditions, it's possible for a cyberattacker to inject arbitrary code into the Vista x64 kernel and stealthily take control of a user's system, according to one security researcher who demonstrated the process Thursday at the Black Hat conference in Las Vegas. Joanna Rutkowska, a senior security researcher with Coseinc, presented a demo that showed how an attacker with systems administrator-level privileges could trick Windows Vista Beta 2 kernel, x64 edition, into disabling its signature-checking function and allow any unsigned device driver to be loaded onto a user's system. The danger is that the attacker can write malicious code into such a driver, which Vista would then execute. Microsoft uses digital signatures for device drivers to let users know that the drivers are compatible with a given version of Windows. The company's goal with Vista x64 was to ensure that all kernel-mode drivers be signed, although Rutkowska showed how this mechanism could be deactivated... Microsoft claims the potential to execute arbitrary code in the Vista Beta 2 kernel is a problem that's on its road map for correction..."