Microsoft revokes digital certificates on freeware Vista program

August 7, 2007
by

Microsoft revokes digital certificates on freeware Vista program The dream police do not live in your brain, they live on your hard drive in the form of Microsoft Windows Vista.  You may remember we reported on the Astiv software that allowed users to bypass the normal way of signing drivers on 64-bit versions of Vista.  Microsoft did not take too kindly to that and has since blocked the program and revoked its driver signing certificates.  The Australian company behind the program has taken offense.

A security researcher said that the Astiv program exhibits “rootkit” behavior.  The developers of the program say it makes it easier to load legitimate but unsigined drivers onto Windows Vista 64-bit which is a bit more touchy about drivers than its 32-bit brethren.

Scott Field, a Windows security architect said, “VeriSign has revoked the code signing key used to sign the Atsiv kernel driver [as of Aug. 2], which means the code signing key will no longer be considered valid.”

Microsoft has also released Windows Defender definition updates that include blocking, detection and removal of the Astiv program.  However, some users are upset that Microsoft has gone to such lengths to block a program that could be considered legitimate.  As one user puts it “working around the limitations of an operating system is not necessarily a bad thing.”  Another said, “To describe this tool as ‘undesirable’ stretches that word beyond reason. Atsiv has no self-propagating functionality. It doesn’t do any privilege escalation or modify any system functions or memory or anything like that.”

Linchpin Labs, the makes of Astiv, declined to comment.  However, most of this applies only to 64-bit versions of Vista, it is relatively easy to load unsigned drivers on 32-bit versions of Vista simply by providing an administrator password or logging on to an admin account.



Related Posts:

Posted in Microsoft, Security, Vista | 3 Comments » Read more from

3 Responses to “Microsoft revokes digital certificates on freeware Vista program”

  1. Purple Pill beats Windows Vista’s 64-bit driver authentication - VISTA.BLORGE.com:
    August 11th, 2007

    [...] in 50 per cent of laptops, it cannot be address as easy as the case of Atsiv where Microsoft simply revoked LinchpinLabs’ certificate on Atsiv and issued a signature for Windows Defender categorizing Atsiv [...]

  2. Bob:
    September 11th, 2007

    Australians cannot take “offense” (whatever that is), they are likely to take offence however. Even filthy murderous convict spawn can spell.

  3. Bob:
    September 11th, 2007

    Oh and happy September the 11th day everyone!!

Leave a Reply:


Recent stories

Featured stories

Archives

Copyright © 2012 Blorge.com NS