So Shawn, how can we fix this? I make several tweaks to the registry, including one that loads the Kernel into RAM on boot up, but so far I can't remember ever doing an edit to the Kernel itself. Is that even possible?
Researchers say that a bug in the Windows kernel could allow hackers to perform malicious actions by tricking security products blindly relying on a Windows API.
The bug affects a low-level interface, known as PsSetLoadImageNotifyRoutine, that notifies when a module has been loaded into the Windows kernel. The bug can allow an attacker to forge the name of a loaded module, a method that can mislead third-party security products, and allow malicious actions without any warning.
Omri Misgav, a security researcher at enSilo, who also wrote a blog post on the bug, said that the bug appears to be a "programming error" in the kernel.
All versions of Windows are affected.
PsSetLoadImageNotifyRoutine was originally introduced in Windows 2000 to inform drivers, such as those powering security products, when a module is loaded into a process and the module's address in memory, allowing security products to track modules...
Read more: Decade-old Windows kernel bug lets hackers bypass security protections | ZDNet