Joanna Rutkowska, who researches stealth malware for IT outfit COSEINC, says her new Blue Pill concept uses AMD's SVM/Pacifica virtualisation technology to create an ultra-thin hypervisor that takes control of the operating system.
She will be showing off her idea at the SyScan Conference in Singapore on July 21 and at the Black Hat Briefings in Las Vegas on August 3. This will include a working prototype that runs on Windows Vista x64, which Rutkowska said will show a "generic method" of inserting arbitrary code into the Vista Beta 2 kernel (x64 edition) without relying on any implementation bug.
It even bypasses a crucial anti-rootkit policy change coming in Windows Vista that requires kernel-mode software to have a digital signature to load.
She said that the only way her rootkit can be detected is if AMD's Pacifica technology is flawed.
More on her blog here.