New Version of Stoned Bootkit Said to Bypass Windows 8 Secure Boot
A security researcher who has in the past created low-level rootkits capable of staying resident on an infected machine after reboots said he has now accomplished the same feat on Windows 8, which hasn't even hit the shelves yet. Peter Kleissner said he has created a new version of his Stoned bootkit that defeats the pre-boot security checks included in the forthcoming OS and survives reboots.
Kleissner is known in the security community for his creation of the Stoned bootkit, a sophisticated form of rootkit that is designed to load from the master boot record and stay resident in memory throughout the boot process. The previous version of the bootkit was designed to work on Windows XP through Windows 7, but the new one that Kleissner has written also works on Windows 8. He said in a message on Twitter Thursday that Stoned Lite is a small footprint bootkit that can be loaded from either a USB stick or a CD.
He said he may also add some other functionality to the software in the near future.
Live Demo of the Bootkit in Windows 8 DP by Peter Kleissner.
Windows 8 Bootkit Live Demonstration
This shows how to use Stoned Lite to get SYSTEM rights on Windows 8 through the cmd privilege escalation (done by a driver loaded by the bootkit). The infector is just 14 KB in size and bypasses UAC.
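The post says the bootkit loads from the master boot record and defeats Windows 8's pre-boot checks, but gives no way to see where a given machine stands. The PowerShell below is an added example, not code from the article, the forum post or Kleissner's tooling: it reports whether the host boots through UEFI with Secure Boot enforced and which Windows loader the BCD points at, and it hashes the MBR boot code (bytes 0-445, the region an MBR bootkit overwrites) so the value can be compared against a known-good baseline. It assumes an elevated PowerShell on Windows 8 or later and that `\\.\PhysicalDrive0` is the boot disk; both are assumptions, not facts from the page.

```powershell
# Added example, not from the article or from Kleissner's tooling.
# Assumptions: Windows 8 or later, elevated PowerShell, \\.\PhysicalDrive0 is the boot disk.

function Get-BootSecurityState {
    $state = [ordered]@{ Firmware = 'Unknown'; SecureBoot = $null; BootLoader = $null }

    try {
        # Confirm-SecureBootUEFI (SecureBoot module, Windows 8+) returns $true or $false.
        # On a legacy BIOS boot it throws "Cmdlet not supported on this platform".
        $state.SecureBoot = Confirm-SecureBootUEFI
        $state.Firmware   = 'UEFI'
    } catch {
        if ($_.Exception.Message -match 'not supported') {
            $state.Firmware   = 'Legacy BIOS'   # MBR boot path; Secure Boot does not apply
            $state.SecureBoot = $false
        } else {
            throw   # e.g. not running elevated; do not misreport that as legacy BIOS
        }
    }

    # BCD names the loader the firmware (or MBR boot code) hands off to:
    # winload.efi on a UEFI boot path, winload.exe on an MBR/BIOS boot path.
    $bcd = bcdedit /enum '{current}' 2>$null
    foreach ($line in $bcd) {
        if ($line -match '^path\s+(\S+)') { $state.BootLoader = $Matches[1]; break }
    }
    [pscustomobject]$state
}

function Get-MbrDigest {
    param([string]$Device = '\\.\PhysicalDrive0')   # assumed boot disk

    # Raw disk reads need administrator rights and must be sector-aligned;
    # the MBR is the first 512-byte sector.
    $stream = New-Object System.IO.FileStream($Device, [System.IO.FileMode]::Open,
        [System.IO.FileAccess]::Read, [System.IO.FileShare]::ReadWrite)
    try {
        $sector = New-Object byte[] 512
        $read = $stream.Read($sector, 0, 512)
        if ($read -ne 512) { throw "short read from $Device ($read bytes)" }
    } finally {
        $stream.Dispose()
    }

    # Layout: bytes 0-445 executable boot code (what an MBR bootkit replaces),
    # 446-509 the four partition table entries, 510-511 the 0x55AA boot signature.
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        $codeHash = ($sha.ComputeHash($sector, 0, 446) | ForEach-Object { $_.ToString('x2') }) -join ''
    } finally {
        $sha.Dispose()
    }

    [pscustomobject]@{
        Device         = $Device
        ValidSignature = ($sector[510] -eq 0x55 -and $sector[511] -eq 0xAA)
        BootCodeSHA256 = $codeHash
    }
}

# Usage (elevated prompt):
Get-BootSecurityState | Format-List
Get-MbrDigest | Format-List
```

Record `BootCodeSHA256` on a clean install and re-run it later; the partition table is excluded from the hash on purpose, so legitimate repartitioning does not change the value while any rewrite of the boot code does. A host that reports `Legacy BIOS` with `winload.exe` is on the MBR boot path the post describes, where Secure Boot plays no part, and the MBR hash is the check that matters there.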