InfoWorld

Programming the Windows kernel with eBPF

Much of modern operating system functionality happens in and around the kernel. That’s a problem when you’re implementing monitoring and observability tools or adding low-level security tools because ...
WeLiveSecurity

Signed kernel drivers – Unguarded gateway to Windows’ core

There are various types of kernel drivers; the first that come to mind are device drivers that provide a software interface to hardware devices like plug and play interfaces or filter drivers. These ...
Bleeping Computer

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

Kernel-mode Hardware-enforced Stack Protection is a security feature introduced in Windows 11 22H2 that protects systems from various memory attacks, such as stack buffer overflows. Microsoft added ...
CSOonline

Microsoft hints at revoking access to the Windows kernel — eventually

A new Microsoft announcement suggests it has found a way to deliver kernel-level visibility and capabilities to apps running in user mode. Experts conclude a ban on kernel access for cybersecurity ...
Bleeping Computer

New Windows Driver Signature bypass allows kernel rootkit installs

Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of ...
CRN

Microsoft Exec: Windows Will Enable Security Tools To Run ‘Outside Of Kernel Mode’

Following the massive Windows outage in July caused by a defective CrowdStrike update, Microsoft is working on a way to allow security products to ‘run in user mode just as apps do,’ Microsoft’s David ...
Linux Journal

Windows 11 Powers Up WSL: How GPU Acceleration & Kernel Upgrades Change the Game

Windows Subsystem for Linux (WSL) has gradually become one of Microsoft’s key bridges for developers, data scientists, and power users who need Linux compatibility without leaving the Windows ...