Microsoft said this to The Verge recently:
The scenario outlined is not a security vulnerability and does not pose a threat to Windows RT users. The mechanism described is not something the average user could, or reasonably would, l...
Okay you guys, I found a way to change the required signing level. I'm trying to figure out how to automate this so everybody can profit. You basically use VS2012 to edit the last code page of a module that runs in CSRSS's process. Insert some han...
Have at it!
Circumventing Windows RT's Code Integrity Mechanism
Some bad news, ntoskrnl.lib is available for all platforms except for ARM.
However, dumpin is available for ARM, so I'll find a way. Let's just hope the dynamic linker on ARM plays nice and imports our lib.
NINJA EDIT: Found the base address. Ya...
Okay, so the problem is that the part of ObfDereferenceObject that we use to decrement a dword at an address is implemented like this on ARM (R5 contains our address):
LDREX.W R4, ; Load Register Exclusive
SUBS R4, #1 ...