Assessment of Windows Vista Kernel-Mode Security
http://www.symantec.com/avcenter/reference/Windows_Vista_Kernel_Mode_Security.pdf
http://www.symantec.com/enterprise/security_response/weblog/2006/08/assessment_of_vista_kernel_mod.html

related story:

Windows defense handcuffs good guys
http://news.com.com/2102-7355_3-6104379.html?tag=st.util.print

Kayaker

As always good stuff, Kayaker

Thank you

Nice story
I really love M$... almost from "Stacker" times

eh... nonetheless, I'm sure that after patchguard is bypassed, the guilty ones will be the users

btw why Symantec is boiling up for advanced kernel features? Didn't they have a (horrible) TDI firewall?

hehe not just symantec all of them who use rootkit kind of hooking methods
instead of writing good clean code and drivers will be whining
i hope ms dont listen to these whiners

im not saying patchgaurd may be path breaking panacea for all ills that abound or i wont bet some thing that relies on it wont be defeated

but still if it kills these horror hooks by companies that have power
to spend on development of clean code then i am really happy


read ken johnsons blog or his articles on how supposedly one of the best
av ppl screw kernel code with horror hooks that could possibly result
in giving out more holes instead of protecting what it is supposed to protect

screw it up one more notch ms

ill love to poke around when its all done in its fullest glory