+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Microsoft blocks Trend Micro rootkit detector tool for 'cheating' hardware test

May 28, 2020, 13:06 IST
IANS
MicrosoftUnsplash
A Microsoft cybersecurity team has blocked a free Trend Micro anti-virus tool from running on Windows 10 that appeared to alter its operation and allegedly cheat through the stringent certification test for drivers.
Advertisement

For third-party drivers, passing Microsoft's Windows Hardware Quality Labs (WHQL) certification test is necessary.

If a driver meets the grade, it can be digitally signed by Microsoft, is trusted by Windows, and potentially can be distributed via Windows Update and similar mechanisms, reports The Registrar.

After reverse-engineering the driver, which sits at the heart of Trend Micro's Rootkit Buster software, Microsoft team were able to pinpoint flaws in the code, ascertaining that the software can evade hardware certification tests.

Meanwhile, Trend Micro has also withdrawn downloads of its rootkit detector that uses the driver.

Advertisement

Windows internals guru Alex Ionescu first discovered that Microsoft has blocked Trend Micro's driver.

Computer security researcher Bill Demirkapi also revealed shortcomings in the driver's code as well as an effort by the software to detect Microsoft's QA test suite.

The Rootkit Buster software has now disappeared from cybersecurity firm Trend Micro's website.

According to the company, they have found "a medium-level security issue and are working to ensure it is properly and quickly resolved".

"We are working closely with our partners at Microsoft to ensure that our code is in compliance with their rigorous standards," said the spokesperson.

Advertisement
Rootkit Buster is a free tool released in 2018 that hunts down rootkits designed to evade detection by scanning hidden files, registry entries, processes, drives and the master boot record.

The software also examines kernel code patches, operating system service hooks, file streams, ports, and services to identify and remove malicious rootkits, reports IT Pro.
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article