Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization (KASLR) that increases the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space (VAS) locations including kernel stacks, pools, system PTEs etc. are randomized. A well-known exception to this is the KUSER_SHARED_DATA structure which is a page …
Randomizing the KUSER_SHARED_DATA Structure on Windows Read More »
Source – Microsoft Security Response Center
All content and images belong to their respected owners, this article is curated for informational purposes only.