Anti-rootkit safeguards: welcome Vista

Aleksander Czarnowski Avet

This is a follow-up to my VB2006 presentation and contains updated information regarding Windows Vista. This includes Microsoft driver signing policy, changes to PE format including 64-bit support and other technical details. It will also cover differences between beta versions used in previous research and final Vista release. Parts regarding Windows XP and 2003 will cover advances in hiding and detour techniques.

VB Conferences

VB2011 (Barcelona)

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)

‘This was my first attendance at a Virus Bulletin conference and I found it extremely worthwhile - excellent speakers, good discussions, valuable networking and generally a decent educational venue.’

Poll

Are you still running IE 6?

Leave a comment

VB100 certification

This month VB's test team put 26 products to the test on Windows Server 2008. John Hawes has the full results.
See full results.

Virus Bulletin currently has 187,802 registered users.

Fighting malware and spam