Assessment of Windows Vista Kernel-Mode Security
Author: Matthew Conover
Source: Evil Octal Information Security Team (www.eviloctal.com)
Windows Vista introduces several additional barriers that aim to prevent malicious code from gaining access to the operating system kernel. This paper is intended to provide a technical review of their implementation. The kernel mode security enhancements in Windows Vista are quite substantial, resulting in a dramatic reduction of its overall attack surface. However, we have identified certain weaknesses in the kernel enhancements that may be leveraged by malicious code to undermine these improvements.