A "bootkit" leverages its kernel access and stealth by manipulating the boot process. Functionally, bootkits are no different than rootkits. They differ, though, in how they gain access. Traditional rootkits use elevated privileges while the OS is running. Bootkits, however, are installed from the boot sector of an external device and remain in memory throughout the system's boot process.
posted @ 2008-06-07 13:45 swordzhang 阅读(163) 评论(0)
编辑