Melting Down PatchGuard: Leveraging KPTI to Bypass Kernel Patch Protection

cybersecurity, Windows, enSilo Breaking Malware, meltdown, KPTI, PatchGuard

The mitigation for Meltdown created a new part in the kernel which PatchGuard left unprotected, making hooking of system calls and interrupts possible, even with HVCI enabled.
