This morning, the web is alive with stories claiming that security researchers have found an unfixable hole in Microsoft’s Windows 7 operating system (and by implication the closely related Windows 2008 R2.) Needless to say this makes for good headlines and plenty of web traffic for any site that puts up the article. But the fact is, the “hole” is not a Windows 7 hack at all. The hack (if you can call it that) involves getting physical access to the machine, changing the boot order to boot from something other than the boot drive (i.e. a USB key) and then loading code into memory that takes over the boot process before the real operating system loads.
Anybody with even a modicum of savvy can see that this is not a security hole in the operating system, since it takes place before the operating system is even loaded. While the code they’ve written targets Windows 7 (much better chance of headlines) the concept will work with any operating system on Intel hardware. If you can take control of the hardware before the operating system is loaded in memory and change the OS image in memory, there’s not much the OS can do about it. So the defense is one that is already well understood by IT, physical security, if you don’t have it, then all your other security measures are meaningless.
Posted by: Nik Simpson