It’s very easy for hackers to access any system’s memory, and that is how they are taking over Windows 7 through its PCMCIA port. Windows 7 is helpless against a memory attack that could give others complete access to your computer. Damien Aumaitre and Christophe Devine are two researchers working for the European Security Expertise Center. They have written a paper in which they claim that the hackers
A paper written by the researchers claims that hackers can gain access to the 64-bit version of Windows 7 through its kernel code, which is stored in the physical memory of your PC. The good news is that the hacker would need direct physical contact with the system to carry out the attack.
The research paper showed this using a PCMCIA card that contained a custom DMA engine running on a MIPS CPU. The device was able to access the kernel code of Windows 7 and then take control of the operating system, which means that the OS and CPU were bypassed and unable to stop malicious DMA requests.
The technique isn’t new, as many other researchers have used it against other Windows versions such as Windows XP by tapping the system’s DMA through other ports. But because of some major changes made in Windows 7, the DMA engine used in the present “hacking” device had to be rebuilt from scratch. The only way to hack now is to access the memory through PCMCIA.
According to Devine and Aumaitre, the hack can be avoided by deactivating the PCMCIA driver. Another protection is to use an IOMMU (input/output memory management unit), which can shield physical memory from access by devices. All recent CPUs already have this technology.
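To make the IOMMU protection concrete, here is a toy model added for illustration (it is not code from the researchers' paper). It compares a device write to a kernel page on a machine with and without DMA remapping; the names `Iommu`, `Machine`, `run` and the addresses are assumptions made up for this sketch.

```python
PAGE = 4096
KERNEL, BUFFER = 0x1000, 0x3000  # constructed addresses: kernel-code page, driver DMA buffer

class DmaFault(Exception):
    """Raised when the IOMMU refuses a device access."""

class Iommu:
    def __init__(self):
        self.tables = {}  # device id -> {I/O virtual page number: physical page number}

    def map(self, dev, iova, phys):
        self.tables.setdefault(dev, {})[iova // PAGE] = phys // PAGE

    def translate(self, dev, addr):
        ppn = self.tables.get(dev, {}).get(addr // PAGE)
        if ppn is None:
            raise DmaFault(f"{dev}: no mapping for {addr:#x}")
        return ppn * PAGE + addr % PAGE

class Machine:
    def __init__(self, iommu=None):
        self.ram = bytearray(4 * PAGE)
        self.ram[KERNEL:KERNEL + 4] = b"KERN"
        self.iommu = iommu  # None models a system without DMA remapping

    def dma_write(self, dev, addr, data):
        chunks, off = [], 0
        while off < len(data):  # check page by page; a transfer may cross pages
            a = addr + off
            n = min(len(data) - off, PAGE - a % PAGE)
            phys = a if self.iommu is None else self.iommu.translate(dev, a)
            if phys + n > len(self.ram):
                raise ValueError("transfer runs past the end of RAM")
            chunks.append((phys, data[off:off + n]))
            off += n
        for phys, part in chunks:  # commit only after every page passed
            self.ram[phys:phys + len(part)] = part

def run(with_iommu):
    iommu = Iommu() if with_iommu else None
    if iommu is not None:
        iommu.map("card", 0x0, BUFFER)  # the only window the card is given
    m = Machine(iommu)
    m.dma_write("card", 0x0 if with_iommu else BUFFER, b"data")  # driver-approved transfer
    try:
        m.dma_write("card", KERNEL, b"XXXX")  # card addresses the kernel page instead
        blocked = False
    except DmaFault:
        blocked = True
    return blocked, bytes(m.ram[KERNEL:KERNEL + 4]), bytes(m.ram[BUFFER:BUFFER + 4])
```

`run(False)` shows the kernel page overwritten, while `run(True)` shows the same request faulting and the approved buffer transfer still succeeding.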
They can show you how hackers attack with the help of DMA (Direct Memory Access) to bypass the CPU and the operating system completely and eliminate all the security features there. This does need physical access to the computer, which limits the attacks, but the vulnerability is still a big worry.
At present, the researchers are working on the 64-bit version of Windows 7, so it is not clear what this means for those using the 32-bit version. But it’s quite possible that the findings for the 64-bit version will apply to 32-bit systems as well.
Operating systems like IBM System x3650, Windows XP, M3 Express and some older versions of Mac OS X were hit using the same method. For Windows 7, the researchers had to totally rewrite the DMA engine to permit it to bypass the operating system's security features. The attack on Windows 7 is through the PCMCIA port, whereas other DMA attacks are through the CardBus port.