-
Ich rate mal so halbwegs...
Autor: Bouncy 24.06.15 - 16:17
Inoffiziell hieß es vor Kurzem von einem MS-Vertreter, dass das SP3 mit Windows 10 sehr wahrscheinlich Virtualization Based Security unterstützen wird, als vermutlich einzige derzeit erhältliche Hardware wird es kompatibel damit werden.
Ich copy&paste&screenshote einfach mal aus nem PDF dazu:
> Virtualization Based Security
> Provides a new trust boundary for system software
> Leverage platform virtualization to enhance platform security
> Limit access to high-value security assets from supervisor mode (CPL0) code
> Provides a secure execution environment to enable:
> Protected storage and management of platform security assets
> Enhanced OS protection against attacks (including attacks from kernel-mode)
> A basis for strengthening protections of guest VM secrets from the host OS
> Windows 10 services protected with virtualization based security
> Kernel Mode Code Integrity
> ---------------
> KMCI protected by VBS
> CI rules are still enforced even if a vulnerability allows unauthorized kernel mode memory access
> Memory pages are only marked executable if CI validation succeeds
> Kernel memory cannot be marked both writable and executable
> BUT… not all drivers will be compatible initially




