Symantec has warned of a new Windows 7 Trojan that can elevate the privileges of any restricted process to administrator level, without the user's permission or knowledge.
The latest fully patched versions of Windows 7 are vulnerable to backdoor.Conpee Trojan, warned Mircea Ciubotariu, a security response engineer at Symantec, on a company blog.
The new Trojan targets both 32-bit and 64-bit versions of Windows 7, adding to the growing weight of evidence that malware writers are redesigning their software to bypass security features in 64-bit Windows, said Ciubotariu.
The 64-bit version of Windows 7 and Vista included Kernel Mode Code Signing and Kernel Patch Protection, that were intended to make them less vulnerable to malware.
But backdoor.Conpee and the recently-discovered Backdoor.Hackersdoor Trojan have both been shown to infect 64-bit operating systems, said Ciubotariu.
“What was just a theory not so long ago is now being used in-the-wild by [these] threats,” he warned.
The Hackersdoor Trojan is able to bypass the driver signing system used in 64-bit Windows using stolen certificates.
Symantec first detected this type of infection in December 2011, and while the number of infections seen in the wild since then have been modest, it appears the malware writers have been using it as a test case, added Ciubotariu.
“It proves, once again, the length malware creators will go to achieve their goals,” he said.
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement
Yokohama National University demonstrate technology that could lead to a fault-tolerant universal quantum computer
Top-of-the-range Threadripper 2990WX now available from Scan, Ebuyer, Overclockers, Novatech and Amazon