secure-kernel
4 posts tagged secure-kernel.
-
The Driver That Was Signed and the Driver That Won't Load: Windows Kernel Code Integrity, 2006-2026
A history of Windows kernel code-signing -- KMCS, BYOVD, HVCI, the Vulnerable Driver Block List, and why a 2026 Windows kernel uses five gates to decide what loads.
-
From /hotpatch to \$1.50 a Core: The Live-Patch Pipeline Microsoft Built and Then Made Public
How Windows hot patching evolved from a 1990s compiler flag to a Secure-Kernel-mediated, three-layer pipeline shipping in three product waves between 2022 and 2025.
-
VBS Trustlets: What Actually Runs in the Secure Kernel
A field guide to Virtualization-Based Security trustlets on Windows 11: the five gates a binary passes to become one, the inbox roster, and where the model ends.
-
When SYSTEM Isn't Enough: The Windows Secure Kernel and the End of Total Kernel Trust
How Windows built a hardware-isolated kernel above Ring 0 using Hyper-V, protecting credentials and code integrity even after full NT kernel compromise.