VBootkit vs. Bitlocker in TPM mode

"So at HITB in Dubai this week - some researchers announced a proof of concept 'bootkit' for Vista.  A bootkit is a rootkit that is able to load from a master boot record and persist in memory all the way through the transition to protected mode and the startup of the OS.  It's a very interesting type of rootkit.

So I had an interesting discussion with a former Bitlocker Drive Encryption (BDE) Sr. SDE (Software Development Engineer) this morning (Jamie Hunter) about whether BDE would mitigate these types of attacks if used properly and I'm very pleased to announce that it does!!  This is a threat that the BDE team definitely anticipated and actively planned for!"




Comments (0)

Skip to main content