CSO Online

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.
EurekAlert!

Windows kernel defenses aren't enough to stop a lucrative game cheating market – new study

Hackers commonly bypass Microsoft Windows kernel protections to enable cheating in competitive online games, new research shows. Academics at the University of Birmingham performed a technical ...
ZDNet

Windows 10: This kernel malware is why you need Secured-core PCs, says Microsoft

Microsoft has outlined why its new breed of Secured-core PCs, such as the Surface Pro X, are equipped to fight off ransomware and other malware that attack vulnerable hardware drivers to compromise a ...
Ars Technica

Microsoft changes Windows in attempt to prevent next CrowdStrike-style catastrophe

In the summer of 2024, corporate anti-malware provider CrowdStrike pushed a broken update to millions of PCs and servers running some version of Microsoft’s Windows software, taking down systems that ...
CSOonline

Microsoft hints at revoking access to the Windows kernel — eventually

A new Microsoft announcement suggests it has found a way to deliver kernel-level visibility and capabilities to apps running in user mode. Experts conclude a ban on kernel access for cybersecurity ...