The hypervisor leverages processor virtualization extensions to enforce memory protections that prevent kernel-mode software from executing code that has not been first validated by the code integrity subsystem. HVCI ensures that only validated code can be executed in kernel mode. The KMCI role is to check that all kernel code is properly signed and hasn’t been tampered with before it is allowed to run. This helps prevent attacks that attempt to modify kernel mode code such as drivers. HVCI uses VBS to run kernel mode code integrity (KMCI) inside the secure VBS environment instead of the main Windows kernel.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |