Symantec has warned of a new Windows 7 Trojan that can elevate the privileges of any restricted process to administrator level, without the user's permission or knowledge.
The latest fully patched versions of Windows 7 are vulnerable to backdoor.Conpee Trojan, warned Mircea Ciubotariu, a security response engineer at Symantec, on a company blog.
The new Trojan targets both 32-bit and 64-bit versions of Windows 7, adding to the growing weight of evidence that malware writers are redesigning their software to bypass security features in 64-bit Windows, said Ciubotariu.
The 64-bit version of Windows 7 and Vista included Kernel Mode Code Signing and Kernel Patch Protection, that were intended to make them less vulnerable to malware.
But backdoor.Conpee and the recently-discovered Backdoor.Hackersdoor Trojan have both been shown to infect 64-bit operating systems, said Ciubotariu.
“What was just a theory not so long ago is now being used in-the-wild by [these] threats,” he warned.
The Hackersdoor Trojan is able to bypass the driver signing system used in 64-bit Windows using stolen certificates.
Symantec first detected this type of infection in December 2011, and while the number of infections seen in the wild since then have been modest, it appears the malware writers have been using it as a test case, added Ciubotariu.
“It proves, once again, the length malware creators will go to achieve their goals,” he said.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago