Anti-rootkit safeguards: welcome Vista

Aleksander Czarnowski Avet

This is a follow-up to my VB2006 presentation and contains updated information regarding Windows Vista. This includes Microsoft driver signing policy, changes to PE format including 64-bit support and other technical details. It will also cover differences between beta versions used in previous research and final Vista release. Parts regarding Windows XP and 2003 will cover advances in hiding and detour techniques.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.