Exploit Development: Investigating Kernel Mode Shadow Stacks on Windows

Connor McGarr·Connor McGarr·Security / OSINT·

Introduction A little while ago I presented a talk at SANS HackFest 2024 in California. My talk provided a brief “blurb”, if you will, about a few of the hypervisor-provided security features on Windows - specifically surrounding the mitigations instrumented through Virtualization-Based Security (VBS). Additionally, about one year ago I noticed that “Kernel-mode Hardware-enforced Stack Protection” was a feature available in the UI of the Windows Security Center (before this, enabling this featur...

Read full article →

Related Articles

Google Chrome silently installs a 4 GB AI model on your device without consent
john-doe · Hacker News · 3d ago
DNSSEC disruption affecting .de domains – Resolved
warpspin · Hacker News · 3d ago
US healthcare marketplaces shared citizenship and race data with ad tech giants
ZeidJ · Hacker News · 4d ago
Security through obscurity is not bad
mobeigi · Hacker News · 5d ago
The text mode lie: why modern TUIs are a nightmare for accessibility
SpyCoder77 · Hacker News · 5d ago