New Malware Targets 64-Bit Windows2011-06-06 11:17 by DanielaTags: malware, security, Windows
According to a Kaspersky Lab report, a new malware targets 64-bit versions of Windows, due to a loophole that can allow rootkit writers to write malware, capable of evading the PatchGuard driver signing protection built into 64-bit versions of Windows. The malware needs a downloader to attack the system using two common Java and Adobe Reader software flaws. The new malware calls Rootkit.Win64.Necurs.a. on 64-bit Windows systems. Then the 'bcdedit.exe - set TESTSIGNING ON' command is executed, trying out drivers during development, the report said. Once loaded, the rootkit is able to block the correct loading of antivirus software that might detect and remove it. The malware also attempts to download Hoax.OSX.Defma.f, a fake antivirus program targeting Mac OS X users, which can't run on Windows.
Read more -here-
User Reviews/Comments:
rate:
avg:
by
sava700 - 2011-06-06 12:19
This is nothing new... I've been seeing most new malware versions targeting 64bit alot lately due to the amount of systems now coming with it by default.
Even running in safemode isn't helping you avoid it launching, stopping executables from running correctly and so on. Requires alot of hands on repair work from someone that knows what they are doing. |