Having released two major Windows versions for the x64 architecture (also known as ‘AMD64’), Microsoft has opened the door to inexpensive 64-bit computing for just about everybody. At the 2005 Virus Bulletin Conference I presented a paper on the x64 architecture, detailing how known 32-bit viruses and rootkits interact with it.
There were a number of questions from the audience at the end of the presentation, but the most interesting one was a question posed by a researcher from Symantec’s European AntiVirus Research Centre. It related to Internet Explorer in Windows x64 and how ActiveX objects and BHO (Browser Helper Objects) – which until now have been exclusively 32-bit – work (or don’t work) in the Windows x64 environment.
The significance of this, of course, is that there is a great plethora of spyware and adware which installs from the Internet via IE vulnerabilities, through the use of ActiveX technology or Java applications.Read Full Story