[ISN] Vista's image-based install is great for hackers

From: InfoSec News (alerts@private)
Date: Mon Dec 04 2006 - 23:32:11 PST


http://www.theinquirer.net/default.aspx?article=36134

By Nick Farrell
04 December 2006

USERS HOPING for pirated copies of Vole's latest operating system, Vista, 
might find themselves downloading some heavy-duty malware.

In an interview with APC Magazine, Volish technology specialist John 
Pritchard said that the installation process and the ease with which 
administrators can pre-install software into a Vista install DVD could 
be to blame.

Pritchard said that pirated copies of Vista could easily come with 
malware preinstalled.

Vista's installation process does not use an 'installer' and the install 
DVD is actually a preinstalled copy of Windows that simply gets 
decompressed onto a PC. Pritchard said that the DVD installs a Windows 
Imaging (.WIM) file, which is basically the operating system folders 
wrapped up in an image file.

While users might think they are doing an install, what they are 
actually doing is grabbing the install.wim and executing that as an 
upgrade or clean install. Pritchard admitted that this meant that there 
was a bigger risk for malware to be injected into pirated Vista install 
DVDs.

The only way around this is to not have pirated DVDs and to know where 
you got your disk from, he said.

The pirates could easily have installed malware into the install files 
of Windows XP, but they didn't.

-=-

L'INQ
APC Magazine
http://apcmag.com/node/3834

