Windows Internals: Dissecting Secure Image Objects - Part 1

Connor McGarr·Connor McGarr·Security / OSINT·

Introduction Recently I have been working on an un-published (at this time) blog post that will look at how securekernel.exe and ntoskrnl.exe work together in order to enable and support the Kernel Control Flow Guard (Kernel CFG) feature, which is enabled under certain circumstances on modern Windows systems. This comes from the fact that I have recently been receiving questions from others on this topic. During the course of my research, I realized that a relatively-unknown topic that kept reap...

Read full article →

Related Articles

Google Chrome silently installs a 4 GB AI model on your device without consent
john-doe · Hacker News · 16d ago
DNSSEC disruption affecting .de domains – Resolved
warpspin · Hacker News · 15d ago
Security through obscurity is not bad
mobeigi · Hacker News · 18d ago
US healthcare marketplaces shared citizenship and race data with ad tech giants
ZeidJ · Hacker News · 16d ago
The text mode lie: why modern TUIs are a nightmare for accessibility
SpyCoder77 · Hacker News · 17d ago