TDL4 Rootkit Bypasses Windows Code-Signing Protection

In recent versions of Windows, specifically Vista and Windows 7, Microsoft has introduced a number of new security features designed to prevent malicious code from running. But attackers are continually finding new ways around those protections, and the latest example is a rootkit that can bypass the Windows driver-signing protection. The functionality is contained in TDL4, which is the latest