Security researcher Alex Ionescu has found a way to bypass Microsoft Vista’s Protected Processes. This can allow users to disable DRM, but it can also allow virus authors to create more dangerous malware that is even harder to detect and remove.
Malware authors can use this bypass to protect any process they want, including viruses, keyloggers, adware, or worms. They can also use it to unprotect any process that you actually want running, such as anti-virus programs and firewalls.
While Ionescu hasn’t released the source code, it’s only a matter of time before malware authors duplicate his methods and we start to see malware using these techniques in the wild.