Windows 7 and Mac OS X each have a new, fundamental flaw that will be presented at the Hack in the Box conference in Amsterdam in July. These security holes are so close to the core operating systems that fixing them may be very hard.
Windows 7 has an issue in the 64-bit edition of the operating system.
Security researchers at Sogeti/ESEC, Christophe Devine and Damien Aumaitre, discovered weaknesses in Direct Memory Access (DMA). An attacker could use those vulnerabilities to get access and take control of the machine, thereby bypassing all security features of the operating system.
“The problem is related to the functioning of the motherboard, so it is quite irresolvable in software,” Hack in the Box conference organiser Dhillon Andrew Kannabhiran said. “This is quite a fundamental problem, because an attacker basically can manipulate the PC’s memory.”
Researchers Devine and Aumaitre claim another successful attack method for Windows 7. At the conference they’ll also show a PCMCIA-card that can be used to bypass all Windows protections by just plugging it in to a computer.
The Mac OS X issue is somewhat easier to fix, although the impact of this security hole is bigger, according to Kannabhiran. The flaw affects not only Macs, but could also affect the iPod touch, iPhone and iPad, because they all use the same OS X base. Security researcher Ilja van Sprundel from IOActive discovered this hole. He can use it to manipulate the IOKit element of the operating system and through that exploit a wide range of bugs to affect Mac OS X devices.
“We’re talking about kernel functionality of Mac OS X. Whether this is intrinsically linked to the hardware remains to be seen,” says Kannabhiran. “We haven’t mapped out al the dependencies, but we can infer that it looks pretty grim.”
Hack in the Box expects responsible disclosure from the security researchers. Microsoft and Apple have been notified of these security holes and are supposedly looking into them. Neither company commented on the matters.