Software // Operating Systems
News
1/8/2013
10:24 AM
Connect Directly
RSS
E-Mail
50%
50%

Windows RT Hacked To Run Desktop Apps

Microsoft's tablet OS can be fooled into running full-blown Windows 8 and legacy applications, hacker reveals.

Top 10 Tech Fails Of 2012
Top 10 Tech Fails Of 2012
(click image for larger view and for slideshow)
A hacker has developed a "deep in the kernel" workaround that lets users run full-blown Windows applications on tablets and hybrids that use Windows RT -- a trimmed down version of Windows 8 that's only meant to run mobile apps downloaded from Microsoft's Windows Store or those preinstalled by Redmond.

In a blog post, the hacker -- who uses the name clrokr -- disclosed the exploit. "It's taken longer than expected but it has finally happened: Unsigned desktop applications run on Windows RT," clrokr wrote.

Windows RT devices were released on Oct. 26 of last year, alongside Windows 8. The devices all run processors based on the ARM mobile reference design, which until now, rendered them incompatible with regular Windows applications. ASUS, Lenovo and other vendors have all shipped Windows RT tablets, as has Microsoft itself with Surface RT.

[ See our BYTE colleague Larry Seltzer's opinion on this topic: Jailbreak Windows RT -- Why? Beats Me. ]

Clrokr said Windows RT inherited a flaw from Windows 8 that makes the workaround possible. "Ironically, a vulnerability in the Windows kernel that has existed for some time and got ported to ARM just like the rest of Windows made this possible," wrote the hacker.

"MSFT's artificial incompatibility does not work because Windows RT is not in any way reduced in functionality. It's a clean port, and a good one," said clrokr.

Windows 8 and Windows RT systems come with a security feature called Secure Boot, which ensures that applications are authorized to run before they are launched. Secure Boot is more permissive on Windows 8, while on Windows RT it's configured so devices that use the OS can only run apps authorized by Microsoft.

clrokr said that a hack (which would be well beyond the capabilities of most users) essentially tricks Windows RT systems into running applications they aren't supposed to launch. "Finding this byte in the kernel takes awhile, there is no exported symbol for it and not even in the symbol database at MSFT," wrote clrokr. "I found it using WinDbg [Windows Debugger] and a machine running Windows 8 Pro."

clrokr admitted that the hack is not for the faint of heart, and that it carries some risks. At times it can trigger a Windows bug check, and the method "is not practical for most users, especially because tablet buyers are less likely to know enough about computers to do this than PC users."

In a statement, Microsoft said it does not consider the hack to be a major security threat because it is beyond the reach of most users, but added that it may take steps to eliminate it in future updates to Windows RT.

Tech spending is looking up, but IT must focus more on customers and less on internal systems. Also in the all-digital Outlook 2013 issue of InformationWeek: Five painless rules for encryption. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
kjhiggins
50%
50%
kjhiggins,
User Rank: Strategist
1/8/2013 | 9:43:37 PM
re: Windows RT Hacked To Run Desktop Apps
Something you don't see often--a Windows jailbreak.

Kelly Jackson Higgins, Senior Editor, Dark Reading
Deirdre Blake
50%
50%
Deirdre Blake,
User Rank: Apprentice
1/8/2013 | 5:48:07 PM
re: Windows RT Hacked To Run Desktop Apps
where there's a will, there's a way!
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 20, 2014
CIOs need people who know the ins and outs of cloud software stacks and security, and, most of all, can break through cultural resistance.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.