November 17, 2011, 5:31 PM — Considering all the security risks, malware, viruses, service-pack-installation-induced system-file corruptions and other routine tribulations of any popular or well-established operating system, it's a good thing Microsoft is almost ready to replace Windows 7 with Windows 8.
A new version of Windows will be more stable and secure just because it's newer and no one has had time to get up to any deviltry.
Wrong, according to security researcher and practical cracker Peter Kleissner, who has not only already created a rootkit to attack Windows 8 but also understands and explains the modular workflow that allows malware writers to have new poisons ready almost as soon as whatever new device, application or operating system they're targeting has been delivered, as described in an explainer in TheHackerNews.
Kleissner, who used to work for an unnamed antivirus company and now works on his own, created the Stoned Bootkit – a proof-of-concept root-access hacking tool designed to suss out the weaknesses of "all Windows versions from 2000 up to 7" by cracking each one open and laying it bare for any malware that might find its way into the bootkit's payload.
A bootkit, according to Kleissner's article on the magic of bootkits, is a rootkit installed in the Master Boot Record, Partition Boot Record or Bootloader of an operating system. (There's also a video explaining it.)
Living in the core of instructions for boot-up, it loads along with the first components of Windows, with instructions from the boot-record that give it permission to stay in memory along with the Windows Kernel as the rest of Windows loads on top of it.
It inherits, in that way, the same rights as the Windows kernel, which is to say, all of them.
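Because a bootkit of this kind lives in the Master Boot Record, one defensive check is to compare the MBR's boot code against a known-good copy taken earlier from the same disk. The sketch below is an added example, not code from Kleissner or from the original article; the function names and the sample sectors are constructed for illustration.

```python
import hashlib
import struct

BOOT_CODE_LEN = 446      # classic MBR layout: bootstrap code comes first
BOOT_SIG = b"\x55\xaa"   # boot signature in the last two bytes of the sector

def parse_mbr(sector: bytes) -> dict:
    """Return the boot-code hash and the used partition entries of an MBR."""
    if len(sector) != 512:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != BOOT_SIG:
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):   # four 16-byte entries follow the boot code
        entry = sector[BOOT_CODE_LEN + 16 * i:BOOT_CODE_LEN + 16 * (i + 1)]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:    # partition type 0 marks an unused slot
            parts.append({"active": entry[0] == 0x80, "type": entry[4],
                          "lba_start": lba_start, "sectors": sectors})
    code_hash = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"code_sha256": code_hash, "partitions": parts}

def boot_code_changed(baseline: bytes, current: bytes) -> bool:
    """True when the boot code differs from the known-good copy."""
    return parse_mbr(baseline)["code_sha256"] != parse_mbr(current)["code_sha256"]

def make_sample_mbr(code: bytes) -> bytes:
    """Constructed sector: filler boot code plus one active type-0x07 partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, 0x07, b"\0" * 3, 2048, 204800)
    return code.ljust(BOOT_CODE_LEN, b"\0") + entry + b"\0" * 48 + BOOT_SIG

# Constructed samples, not real boot code: the second differs by one byte.
BASELINE = make_sample_mbr(b"\x90" * 16)
MODIFIED = make_sample_mbr(b"\x90" * 15 + b"\xcc")

if __name__ == "__main__":
    print(parse_mbr(BASELINE)["partitions"])
    print("boot code changed:", boot_code_changed(BASELINE, MODIFIED))
```

Since the bootkit described above runs with the kernel's rights, a sector read from the running system may not be trustworthy; the comparison is more reliable when the disk is read from separate, known-clean boot media.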
When Microsoft rolled out Windows 8 in October it also announced it would require manufacturers to support a Secure Boot feature built on Unified Extensible Firmware Interface (UEFI) – a more orderly, faster boot process that is more reliable than BIOS.