23 Nov 2010

New malware strain hits Windows 7

According to internet security researchers, an upgraded version of the Alureon malware is now targeting 64-bit versions of Windows Vista and Windows 7.

The malware accesses users’ computers by bypassing a driver signing policy on 64-bit machines, says Chandra Prakash, a technical fellow at the security firm that discovered the malware. “[It changes] the boot options of Microsoft boot programs that will allow an unsigned driver to load.”

The original version of Alureon targeted 32-bit Windows machines. According to Microsoft, "these Trojans allow an attacker to intercept incoming and outgoing internet traffic in order to gather confidential information, such as user names, passwords and credit card data.”

Alureon made headlines earlier this year when it prevented many 32-bit Windows users from updating their computers. At the time, Microsoft announced that 64-bit machines were immune from the malware thanks to a patch protection software called “PatchGuard.” However, Alureon’s creator’s have created a path around PatchGuard.

Several malware strains are using creative methods to bypass Windows security measures. One recently discovered malware strain is disguised on users’ computers as the Microsoft Security Essentials anti-malware.