
Double KO Capcom's Street Fighter V Installs Hidden Rootkit on PCs - Cozumel
http://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/
======
ezoe
How could be a programmer, who has enough patience to read documents and has
knowledge to implement the Windows kernel driver which does,

1\. offer IOCTL serivce 2\. disable SMEP 3\. execute user-space code from
kernel.

, NOT notice the very program he is writing has serious security
vulnerability?

How could he not notice and saying "Wait, Am I writing rootkit?"

------
x2f10
The official Twitter said to expect a "PC rollback solution soon".[1]

1\.
[https://twitter.com/StreetFighter/status/779415276399931392?...](https://twitter.com/StreetFighter/status/779415276399931392?lang=en)

------
0x0
Sounds like this capcom.sys should be added to AV signature lists...

~~~
slipstream-
I agree. Malware has been known to install vulnerable signed drivers to get
unsigned kernelmode code execution.

