kernel-security
3 posts tagged kernel-security.
-
The Same-Privilege Paradox: Twenty-One Years of Windows Kernel Self-Defense
PatchGuard, KASLR, KDP, and the Win32k Lockdown are four answers to one paradox -- a defense at the attacker's privilege cannot succeed in principle. The 2005-2026 trajectory is migration out of the kernel.
-
Protected Process Light: When the Administrator Isn't Enough
How a single byte in EPROCESS encodes a signer lattice that denies SYSTEM-integrity admins the right to read LSASS -- and why every public bypass since 2018 attacks the same structural seam.
-
When SYSTEM Isn't Enough: The Windows Secure Kernel and the End of Total Kernel Trust
How Windows built a hardware-isolated kernel above Ring 0 using Hyper-V, protecting credentials and code integrity even after full NT kernel compromise.