Vulnerability in existing Windows kernel ported to Windows RT.
When Microsoft first announced Windows RT, many users were somewhat confused. Here was a version of the Windows OS that looked just like Windows, but wouldn’t run regular Windows programs. Trying to install a Windows program on a Windows RT device just results in an error, unless you’re installing a program from the Windows App Store.
So it was just a matter of time before someone dug deep enough to try and get past this security block. And sure enough, that day is today. A post over at security-focused blog Surfsec details how unsigned desktop applications can be run on Windows RT. What’s even more interesting is that it seem Windows RT is more than capable of running regular apps; Microsoft simply setup a block to stop regular applications from being installed on RT. The post elaborates on this, saying:
“Windows RT is a clean port of Windows 8. They are the same thing and MSFT enforces Code Integrity to artificially separate these platforms. It does not stop pirates from modifying store apps (and their license checks) because store apps are the only things that can actually run unsigned. The fact that this method works on Windows 8 as well shows how similar the systems are. You can even enforce Code Integrity on Windows 8 to see what Windows RT feels like! The decision to ban traditional desktop applications was not a technical one, but a bad marketing decision. Windows RT needs the Win32 ecosystem to strengthen its position as a productivity tool. There are enough “consumption” tablets already.”
You can read the entire blog post here.