The Latest in IT Security

GhostHook Attack Bypasses Windows 10 PatchGuard

23
Jun
2017
GhostHook Attack Bypasses Windows 10 PatchGuard

ghosthook-attack-bypasses-windows-10-patchguard

A bypass of PatchGuard kernel protection in Windows 10 has been developed that brings rootkits for the latest version of the OS within reach of attackers.

Since the introduction of PatchGuard and DeviceGuard, very few 64-bit Windows rootkits have been observed; Windows 10’s security, in particular its mitigations against memory-based attacks, are well regarded. Researchers at CyberArk, however, found a way around PatchGuard through a relatively new feature in Intel processors called Processor Trace (Intel PT).

Read More

Leave a reply


Categories

MONDAY, SEPTEMBER 25, 2017

Featured

Archives

Latest Comments

Social Networks