Today's Hard|Forum Post

Saturday September 24, 2016

Street Fighter V Installs Hidden Rootkit On PCs

It’s times like these where I’m glad to have waited before buying a newish title. An update to the newest Street Fighter game allows any application to have kernel-level privileges. While the driver was intended to prevent players from hacking the title, it allows someone to hack your entire system instead.

…the capcom.sys kernel-level driver provides an IOCTL service to applications that disables SMEP on the computer, executes code at a given pointer, and then reenables SMEP. In other words, it switches off a crucial security defense in the operating system, then runs whatever instructions are given to it by the application, and then switches the protection back on. SMEP [PDF] is a feature in modern Intel and AMD x86 processors that, when enabled, prevents kernel-level software from executing code in user-owned memory pages.
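The behaviour described in the quote can be modelled in a few lines. This is an added example, not code from the original post or from the driver itself: a toy Python model in which `Cpu`, `Page` and both `ioctl_*` functions are hypothetical names, showing why a "disable SMEP, call pointer, re-enable SMEP" service cancels the protection while leaving the SMEP flag looking normal afterwards.

```python
from dataclasses import dataclass
from typing import Callable


class SmepFault(Exception):
    """Kernel-mode instruction fetch from a user-owned page was blocked."""


@dataclass
class Page:
    owner: str                  # "user" or "kernel"
    code: Callable[[], str]     # stands in for the instructions in the page


class Cpu:
    def __init__(self) -> None:
        self.smep = True        # models the SMEP enable bit
        self.trace: list[str] = []

    def kernel_call(self, page: Page) -> str:
        # With SMEP on, ring-0 execution of a user page faults.
        if self.smep and page.owner == "user":
            self.trace.append("fault")
            raise SmepFault("kernel fetch from user page")
        self.trace.append(f"ran {page.owner} page at ring 0")
        return page.code()


def ioctl_as_described(cpu: Cpu, page: Page) -> str:
    """Model of the quoted sequence: SMEP off, call the pointer, SMEP on."""
    cpu.smep = False
    try:
        return cpu.kernel_call(page)
    finally:
        cpu.smep = True


def ioctl_leaving_smep_on(cpu: Cpu, page: Page) -> str:
    """Hypothetical variant (assumption): same call, SMEP never touched."""
    return cpu.kernel_call(page)


def demo():
    cpu = Cpu()
    user_page = Page("user", lambda: "caller-supplied code")  # constructed input
    out = {"described": ioctl_as_described(cpu, user_page), "smep_after": cpu.smep}
    try:
        ioctl_leaving_smep_on(cpu, user_page)
        out["variant"] = "ran"
    except SmepFault:
        out["variant"] = "blocked"
    return out, cpu.trace


if __name__ == "__main__":
    print(demo())
```

In the model the flag reads as enabled again once the call returns, so inspecting SMEP state after the fact shows nothing unusual; the presence of the driver is the thing to look for.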
