IViZ Announces New Class Of PC Vulnerability

Posted: Aug 26 2008, 2:00pm CDT | by , Updated: Aug 11 2010, 10:16am CDT, in News | Other Stuff


/* Story Top Left 2010 300x250, created 7/15/10 */ google_ad_slot = "8340327155";
Buy iviz from Amazon Prime Day, Amazon Cyber Monday and Black Friday Now

According to iViZ, encrypting a hard drive is no longer enough protection. The firm says that it discovered a new class of vulnerability at Defcon 16 security conference that allows hackers to steal boot passwords and bypass the security of pre-boot authentication software.

The vulnerability allows hackers to bypass encryption software. iViz says that it has already briefed vendors like Microsoft, Intel, and HP on the vulnerability.

"Surprisingly, this vulnerability has been existing for 25 years," says Jonathan Brossard, iViZ lead security researcher and discoverer of this vulnerability. "Programmers unaware of this security hole have coded boot password feature in such a way that user entered text do not get flushed from memory properly leading to inadvertent leakage and theft. Even hard-drive encryption does not help in this case," adds Mr. Brossard. This vulnerability affects Microsoft Bitlocker on the latest TPM (but not Vista SP1), Truecrypt, Intel/HP BIOS and several others.

Via IvIz

You May Like


The Author

<a href="/latest_stories/all/all/3" rel="author">Shane McGlaun</a>
Leading our review center, Shane McGlaun (Google) knows technology inside out. His extensive experience in testing computer hardware and consumer electronics enable him to effectively qualify new products and trends. If you want us review your product, please contact Shane.
Shane can be contacted directly at shane@i4u.com.




Leave a Comment

Share this Story

Follow Us
Follow I4U News on Twitter
Follow I4U News on Facebook

You Also Like


Read the Latest from I4U News