Wednesday, November 25, 04:27
Home security Microsoft's new KDP technology eliminates malware

Microsoft's new KDP technology eliminates malware

Microsoft released the first technical details today about a new security feature that will soon be part of Windows 10. Named Kernel Data Protection (KDP), Microsoft says that this feature will prevent malicious agents from modifying / destroying it. operating system memory.

According to Microsoft, the KDP works by giving developers access to APIs through programming that will allow them to define sections of the Windows kernel as read-only sections.

"For example, we've seen intruders use signed but vulnerable drivers to attack policy data structures and install a malicious unsigned driver," said Microsoft's Base Kernel team. "The KDP mitigates such attacks by ensuring that policy data structures cannot be altered."

KDP Microsoft malware

Microsoft says that this new technology has been developed with security in mind, but that it has other applications, such as anti-cheat software and digital rights management (DRM).

In addition to improving its security operating system, KDP has other benefits, such as:

  • Performance Improvements - KDP reduces the burden on "attestation components", which will no longer need to periodically verify data-protected data variables
  • Reliability improvements - KDP facilitates diagnosis errors memory corruption that does not necessarily represent vulnerabilities
  • Provide incentive for driver developers and suppliers to improve virtualization-based security compatibility by improving the adoption of these technologies in the ecosystem

Redmond says KDP is working on a new technology that the company is working on to add to Windows 10. The technology, known as virtualization-based security (VBS), uses the subject hardware to isolate a secure memory area from the normal operating system in a "virtual safe mode".

The KDP works by receiving its memory signal core as read-only and moves it to a virtual secure VBS mode where it cannot be altered, even by the operating system itself.

Microsoft says VBS support is the only requirement for using KDP along with an application in Windows 10.

Any computer that supports VBS will also natively support KDP. Currently, VBS is supported on anyone computer which supports:

  • Intel, AMD or ARM virtualization extensions
  • Second level address translation: NPT for AMD, EPT for Intel, 2nd stage address translation for ARM
  • Optionally, MBEC hardware, which reduces HVCI-related performance costs
  • Microsoft's upcoming Secured-core PC series also inherently supports VBS. In fact, the Micrsoft showed the KDP feature for the first time in the official Secured-core PCs announcement earlier this March.

Currently, KDP is already included in the latest Windows 10 Insider Build. There is no timeline for when it will be included in the main fixed version of Windows 10.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Amazon - PlayStation 5: Complaints about non-delivery of orders!

Amazon has announced that it is currently investigating what happened to the PlayStation 5's delivery failure after reports of theft ....

How to mute Fleets on Twitter

Twitter "stories", called Fleets, allow you to post content that disappears after 24 hours. But if you want ...

Apple's security chief accused of bribery

A prosecutor in Santa Clara, California, issued an indictment on Monday, accusing Apple security chief Thomas Moyer of offering bribes ...

A mysterious metal monolith was discovered in the Utah desert

A strange metal monolith was found in the Utah desert by a helicopter crew passing through the area!

US election: A small group of accounts spreads fake news

The researchers found that a small group of social media accounts are responsible for spreading fake news about ...

Intel spreads FUD on Ryzen 4000 performance

On Friday, Intel made a presentation to various journalists and analysts telling them that there is a serious discrepancy between the performance of ...

Black Friday: What are Amazon's best deals?

Black Friday is almost here, and we've put together the best deals on Amazon devices. Amazon has an ever-expanding list of devices, ...

Data breach at Bristol City Council

A data breach that took place in the Bristol City Council, resulted in the leak of information such as names and email addresses ...

E-Land-South Korea: Fell ransomware attack

One of the largest retailers in South Korea, E-Land, was forced to close almost half of its stores after a ransomware ...

Investigator breaks down a Tesla Model X in just minutes

A Belgian security researcher has discovered a method that hijacks the firmware of key fobs of the Tesla Model X, allowing him to ...