Windows flaw may hide malicious software
Results 1 to 7 of 7

Thread: Windows flaw may hide malicious software

  1. #1
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416

    Windows flaw may hide malicious software

    Bring on the updates . . .


    Published: August 26, 2005, 5:11 PM PDT

    By Joris Evers
    Staff Writer, CNET News.com

    Misscreants could hide their malicious software on a Windows PC by using overly long registry keys, security experts have warned.
    http://news.com.com/Flaw%20may%20hid...3863&subj=news


    More from SANS . . .

    http://isc.sans.org/
    .

  2. #2
    Banned
    Join Date
    Jun 2005
    Posts
    445
    That does nothing to hide the malicious software. All it does is prevent certain AV's and whatnot form detecting it.


    The keys are still in plain sight.

    Just use regedit like a good little hax0r.

  3. #3
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    Hidden from AV's isn't hidden enough ??

    You're right, but most people don't cruise the registry to see if anything is there that they don't want. If monitoring software can't see it and it doesn't bring attention to itself, it is as good as invisible.
    .

  4. #4
    Banned
    Join Date
    Jun 2005
    Posts
    445
    I believe that this security risk would fit under the topic of "ignorant user"?

    You pay $1k+ for a machine that you don't even bother to learn the basics of?

  5. #5
    Banned
    Join Date
    May 2005
    Posts
    173
    Never mind the fact that most home users go about their day to day under a full administrative account and allow any number of system critical files to be changed. Atleast this way the system will be clean... because the OS said so.

  6. #6
    Originally posted here by d0pp
    That does nothing to hide the malicious software. All it does is prevent certain AV's and whatnot form detecting it.


    The keys are still in plain sight.

    Just use regedit like a good little hax0r.
    The point is that you can't see them with regedit, and many tools bug out when viewing the overly long reg name.

    What can and can't spot a malicious key:
    http://isc.sans.org/diary.php?date=2005-08-25

    No reason for it not to show up in new malware...

  7. #7
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    And once again assumption is the mother of all ****ups..

    I didn't know even regedit assumed 256chars max...

    stupid !
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides