vbs
6 posts tagged vbs.
-
Windows Downdate: When the Update Itself Is the Attack
How Alon Leviev turned Windows Update into a downgrade primitive, rolling fully-patched Windows 11 back to vulnerable VBS components while every signature still verified.
-
Windows Sandbox vs Windows Defender Application Guard: Two Hyper-V Sandboxes, Different Threat Models
Two Hyper-V-backed isolation containers shipped in Windows -- one survived, one was retired. The story of why disposable beat persistent, and what each model was actually for.
-
The ACPI Tables That Quietly Secure Your Windows Machine
Five small ACPI tables -- DMAR, IORT, WSMT, SDEV, WPBT -- form the firmware-OS contract behind VBS, Credential Guard, Kernel DMA Protection, and BitLocker.
-
The Object Manager Namespace: The Hierarchical Filesystem Underneath Every Windows Security Boundary
A bottom-up tour of the Windows Object Manager namespace, the 1993 Cutler-era kernel data structure that every Windows security boundary quietly assumes.
-
Above Ring Zero: How the Windows Hypervisor Became a Security Primitive
A deep tour of the Windows hypervisor as the substrate of VBS, HVCI, Credential Guard, and Secure Launch -- its five primitives, the boundary it commits to, and the public failures that calibrate it.
-
VBS Trustlets: What Actually Runs in the Secure Kernel
A field guide to Virtualization-Based Security trustlets on Windows 11: the five gates a binary passes to become one, the inbox roster, and where the model ends.