Forum latest

PatchGaurd, a fight over Vista protection...
Written by Daniel   
Wednesday, 10 January 2007 07:17
Popping the Vista Kernel
Dark Reading

DECEMBER 22, 2006 | There are so many great things to look forward to in the new year, including the API spec from Microsoft for endpoint security vendors that want to develop compatible products for the 64-bit Vista kernel.

The specification, with implementation targeted for delivery with SP1, is all but guaranteed to stoke the debate between Microsoft and the security industry for the optimal way to secure Windows. The discussion revolves around Microsoft's implementation of Kernel Patch Protection (KPP), commonly known as PatchGuard, and the security vendors' reluctance to be constrained in how they secure Vista customers.

PatchGuard refers to the Microsoft technology in 64-bit Vista that prevents third-party software from hooking and modifying the Vista kernel. Pre-Vista security software, such as anti-virus, anti-spyware and host intrusion prevention, patched the Windows operating system, file structure and network stack. These hooks enabled third-party products to insert security logic into the flow of kernel-mode processing to detect and block attacks.

Microsoft could not easily change sections of the kernel without running the risk of breaking unsupported hooks for end-user security products. A fault in security code running in the kernel would lead to the ever-popular Windows blue screen, safe mode re-boots, and maintenance headaches for users. Microsoft's PatchGuard plan was to preserve the integrity of Windows by repositioning all third-party software outside of the kernel. Since Microsoft is the custodian of Vista, it is perfectly within their rights to do this....Much More

Comment in the Forums.


See also

None found.

Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either