Uroburos Malware Defeats Microsoft’s PatchGuard
Introduced years ago for 64-bit editions of Windows XP and Windows Server 2003, Microsoft's Kernel Patch Protection, or PatchGuard, is designed to prevent malware attacks that work by modifying essential parts of the Windows kernel. If a rootkit or other malicious program manages to tweak the kernel, PatchGuard deliberately crashes the system. This same feature made life tough for antivirus vendors, as many of them relied on benignly patching the kernel to improve security; they've since adapted. However, a new report from G Data states that a threat called Uroburos can bypass PatchGuard.