Hack allows Windows RT tablets to run unsigned non-Windows Store apps

windowsrtunlocked

Nicaraguan security researcher clrokr has managed to unlock the kernel setting which prevents Windows RT devices from running unsigned code as found on desktop applications.

He exploited a security vulnerability which exists in Windows 8 and which was therefore also present in Windows RT, and also the fact that Microsoft allows Remote Debuggers to attach to user processes.

He managed to find the bit in RAM which tells the OS whether they should run Unsigned(0) apps, Authenticode(4) signed apps, Microsoft(8) signed apps or Windows(12) signed apps. By default Windows RT will only run Microsoft signed apps.

The hack will presumably not persist beyond a reboot, and enabling it does require a lot of expertise.

clrokr argues that the discovery shows that there is no essential difference between Windows 8 and Windows RT, and that users should have the ability to run desktop apps. On the other hand he does not seem to appreciate the advantages of restricting users to Metro apps in terms of security, simplicity and battery life.

Read more about the hack at his blog here.

It is unlikely that this hack will turn into a general use jailbreak solution, but such an outcome it not impossible.

Do our readers with their Surface tablets had the option to run non-Windows Store apps? Let us know below.

Comments