The road less truvelled: W32/Truvel

2008-07-01

Peter Ferrie

Microsoft, USA
Editor: Helen Martin

Abstract

By the addition of a relocation table, Vista executables can be configured to use a dynamic image base. That essentially turns them into executable DLLs. Now a virus has come along that has made a ‘breakthrough’ by infecting these executables - or it would be a breakthrough if it weren’t for the fact that relocatable executables have been supported since Windows 2000. Peter Ferrie takes an indepth look at the buggy W32/Truvel.


The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.


Poll

Do you use the same password(s) across multiple websites?
I use the same password for all sites
I have a number of passwords but use the same for some sites
I use a different password for each site
I don't sign up to any sites that require a password

Leave a comment
View 4 comments

Jobs Recruit Sidebar

Jobs

In Virus Bulletin's jobs pages among others:
Virus Bulletin currently has 190,883 registered users.