Bleeping Computer

New Windows Driver Signature bypass allows kernel rootkit installs

Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of ...
InfoWorld

Programming the Windows kernel with eBPF

Much of modern operating system functionality happens in and around the kernel. That’s a problem when you’re implementing monitoring and observability tools or adding low-level security tools because ...
Computer Weekly

Why is CrowdStrike allowed to run in the Windows kernel?

A 2009 EU anti-competition ruling has been used as a line of defence by Microsoft as questions are being asked over why a third-party product was able to take down Windows. On Friday 19 July, 8.5 ...
CRN

Microsoft Exec: Windows Will Enable Security Tools To Run ‘Outside Of Kernel Mode’

Following the massive Windows outage in July caused by a defective CrowdStrike update, Microsoft is working on a way to allow security products to ‘run in user mode just as apps do,’ Microsoft’s David ...
TechSpot

The Windows kernel is about to receive a security-focused redesign after CrowdStrike crash

Why it matters: The kernel space is the core component of a computer operating system, where critical hardware management and device driver code reside in memory. If a kernel-level driver malfunctions ...