Security 10813 Published by

InformationWeek posted a news story that the Alureon malware has been updated to compromise Microsoft's 64-bit operating systems by defeating driver-signing security.



According to Chandra Prakash, technical fellow at GFI Labs, "the TDL4 rootkit bypasses driver signing policy on 64-bit machines by changing the boot options of Microsoft boot programs that will allow an unsigned driver to load."

The rootkit, which itself arrives as an unsigned driver, also disables debuggers, which "makes reverse engineering this rootkit very difficult," said Prakash.
  Alureon Malware Bites Windows 7