Omri Misgav & Udi Yavo

Melting Down PatchGuard: Leveraging KPTI to Bypass Kernel Patch Protection

enSilo Breaking Malware, cybersecurity, Windows, meltdown, KPTI, PatchGuard

The mitigation for Meltdown created a new part of the kernel that PatchGuard left unprotected, making it possible to hook system calls and interrupts, even with HVCI enabled.
