Security Flaw in Vista and XP - Rootkit exploit in the wild
In early Devember 2007 a new rootkit that hides itself in the Master Boot Record (MBR) of a users disk was spotted in the wild. Up until then this was more of a proof of concept (POC).
This goes to show how much effort rootkit authors are putting in to creating new ways of evading Anti Rootkit software. This is a new vector of attack for malware writers and gives them control from outside the Operating System.
This rootkit is using the MBR flaw. The MBR can be written to from within Windows.
The rootkit installs itself ( 244K ) on the last sectors of the users disk and then modifies other sectors including sector 0. The code is run before your PC boots up into XP, Vista or NT and has full control of the boot process which means it can install and run any application it wants without you, XP, Vista or NT knowing about it.
http://www.antirootkit.com/blog/2008/01/03/security-flaw-in-vista-and-xp-rootkit-exploit-in-the-wild/