Microsoft’s ARM-based Windows RT mobile OS is supposed to be locked-down, but a hacker claims a vulnerability will allow unsigned apps to run on it
Thanks a vulnerability Windows RT, the supposedly locked-down Microsoft mobile device operating system, can be modified to run unauthorized desktops apps, according to one hacker.
Although it launched alongside Windows 8 last October, Windows RT is only distributed as a pre-loaded OS on devices produced by certain manufacturers. Microsoft has an RT version of its new tablet Surface.
The lock-down features on RT allows only apps digitally signed by Microsoft and not third-party apps to run on the OS.
However, clrokr claims a vulnerability in the Windows kernel which got ported to ARM makes an exploit possible. Regular Windows 8 tablets also have a locked-down modern UI, but there are ways around this restriction. The traditional desktop side of Windows 8 lets you run any app you like, as with previous versions of Windows. Windows 8 tablets also have a locked-down user interface, but there are ways around the restriction which also works on RT, according to clrokr.
“It (lock down) does not stop pirates from modifying store apps (and their license checks) because store apps are the only thing that can actually run unsigned,” he wrote. “The fact that this method works on Windows 8 as well shows how similar the systems are.”
He did however add that the exploit may remain in the programmer realms as it is too complicated for the average tablet user.
Sponsor: IBM Canada Ltd
The New Workplace: Supporting “Bring your own”
“Bring Your Own Device” (BYOD) and the “consumerization of IT” have taken hold in the enterprise, and employees using their own personal smartphones and tablets for business have become pervasive.