Microsoft introduces new security technology to prevent data corruption, IT News, ET CIO

0
214
San Francisco, Microsoft has introduced a new platform security technology to prevent data corruption techniques being adopted by cyber criminals to target system security policy and tamper with data structures on Windows 10 devices.

Called Kernel Data Protection (KDP), the technology prevents data corruption attacks by protecting parts of the Windows kernel and drivers through virtualization-based security (VBS).

According to the company, KDP is a set of APIs (application programming interfaces) that provide the ability to mark some kernel memory as read-only, preventing attackers from ever modifying protected memory.

“For example, we’ve seen attackers use signed but vulnerable drivers to attack policy data structures and install a malicious, unsigned driver. KDP mitigates such attacks by ensuring that policy data structures cannot be tampered with,” the tech giant said in a statement this week.

The concept of protecting kernel memory as read-only has valuable applications for the Windows kernel, inbox components, security products, and even third-party drivers like anti-cheat and digital rights management (DRM) software.

KDP uses technologies that are supported by default on…

Read More…