-
HyperGuard – Secure Kernel Patch Guard: Part 2 – SKPG Extents
Welcome to Part 2 of the series about Secure Kernel Patch Guard, also known as…
-
HyperGuard – Secure Kernel Patch Guard: Part 1 – SKPG Initialization
This will be a multi-part series of posts describing the internal mechanisms and purpose of…
-
IoRing vs. io_uring: a comparison of Windows and Linux implementations
A few months ago I wrote this post about the introduction of I/O Rings in…
-
I/O Rings – When One I/O Operation is Not Enough
Introduction: I usually write about security features or techniques on Windows. But today’s blog is…
-
Thread and Process State Change
a.k.a: EDR Hook Evasion – Method #4512. Every couple of weeks a new build of…
-
Exploiting a “Simple” Vulnerability, Part 2 – What If We Made Exploitation Harder?
Introduction: In a previous post I went over vulnerability CVE-2020-1034, which allows arbitrary increment of…
-
Exploiting a “Simple” Vulnerability – Part 1.5 – The Info Leak
Introduction: This post is not actually directly related to the first one and does not…
-
CET Updates – Dynamic Address Ranges
In the last post I covered one new addition to CET – relaxed mode. But…
-
Exploiting a “Simple” Vulnerability – In 35 Easy Steps or Less!
Introduction: In September MS issued a patch that fixed the CVE-2020-1034 vulnerability. This is a…
-
DPWs are the new DPCs : Deferred Procedure Waits in Windows 10 21H1
With the Windows 21H1 (Iron/“Fe”) feature complete deadline looming, the last few Dev Channel builds…