Analisi Archive

Windows UEFI startup – A technical overview

Trough this analysis paper we’ll give a look at Windows 8 (and 8.1) UEFI startup mechanisms and we’ll try to understand their relationship with the underlying hardware platform. Windows boot manager and loader The Windows boot manager starts its execution in the EfiEntry procedure. EfiEntry is, as

Il caso PRISM: debolezze del protocollo RSA

Il continuo susseguirsi di notizie sul caso Swoden, il giovane 30enne ex dipendente dell’NSA – i servizi segreti americani – sta alzando un polverone diplomatico che ben da vicino ricorda quello della Guerra Fredda che il mondo intero ha vissuto con tanta ansia decadi or sono. Le

Securing Microsoft Windows 8: AppContainers

Recently, we have been conducting an analysis concerning the new Windows 8 security features. There are few documents available in Internet about this topic and no one of them explains the entire implementations in detail. The paper has been divided in two parts because of the complexity of

Saferbytes x86 memory bootkit: new updated build is out

Some months ago we wrote a blog post about physical memory limits in all Microsoft Windows 32 bit builds along with a test application able to install a bootkit in the system. This bootkit enables the operating system to exploit all available memory above 4 GB (up

UEFI technology: say hello to the Windows 8 bootkit!

In this article we are going to analyze the Unified Extensible Firmware Interface, from both a technical and security perspective. We will also take a brief look at the new Windows 8 EFI Kernel, we’ll discover many new interesting feature Microsoft implemented in it. In the beginning