Linked by Thom Holwerda on Sun 6th Jan 2013 23:00 UTC
Windows "It's taken longer than expected but it has finally happened: unsigned desktop applications run on Windows RT. Ironically, a vulnerability in the Windows kernel that has existed for some time and got ported to ARM just like the rest of Windows made this possible. MSFT's artificial incompatibility does not work because Windows RT is not in any way reduced in functionality. It's a clean port, and a good one. But deep in the kernel, in a hashed and signed data section protected by UEFI's Secure Boot, lies a byte that represents the minimum signing level." Good stuff. Very good stuff.
Thread beginning with comment 547632
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Seems like a lot of work
by BluenoseJake on Mon 7th Jan 2013 09:43 UTC in reply to "RE: Seems like a lot of work"
BluenoseJake
Member since:
2005-08-11

This affects desktop apps, not store apps. Because desktop apps are Win32 apps, they aren't compiled to run on ARM.

Reply Parent Score: 2

chithanh Member since:
2006-06-18

Because desktop apps are Win32 apps, they aren't compiled to run on ARM.
But they can be compiled to run on ARM, and with the exploit now they will run.

This is of course not interesting for commercial software vendors, but people who want to build Win32 desktop apps for the Surface RT now have the ability to.

Reply Parent Score: 3

BluenoseJake Member since:
2005-08-11

It's probably a bad business plan to base your app on a vulnerability in the base OS, but hey, that's just my way of thinking.

Reply Parent Score: 2

Alfman Member since:
2011-01-28

chithanh,

"This is of course not interesting for commercial software vendors, but people who want to build Win32 desktop apps for the Surface RT now have the ability to."

It is a nice, yet temporary exploit for end users. Now that this is out of the bag, the byte is not likely to exit in future updates (which may or may not be mandatory for current users who don't want to loose functionality like the whole PS3 debacle).

Edited 2013-01-08 05:51 UTC

Reply Parent Score: 2

Nelson Member since:
2005-11-29

Unsigned Windows Store apps have always been able to run (using the aforementioned Remote Debugger) which also allows you to use the full .NET/Win32 API in your apps for pure sideloading.

This facet of the Windows App sandbox is enforced only at Submission time by running the Windows App Certification Kit.

Its always been the case. And has therefore always been possible to run unsigned code for your own purposes on your own device (As I've been tirelessly saying for months, but which people conveniently ignore in their criticisms).

I just tested it and fired up an C++ app which uses a Win32 API (that also fails the App Certification static analyzer) and can be successfully deployed to my Surface RT.

Reply Parent Score: 3