Developer Guidance for Hardware-enforced Stack Protection
Windows 10 implementation details of Hardware-enforced Stack Protection, which takes advantage of the latest chipset security extension, Control-flow Enforcement Technology (CET). This blog aims to help developers better understand how to take advantage of this feature.
Introducing Kernel Data Protection, a new security technology for preventing data corruption
Kernel Data Protection (KDP) is a new technology that prevents data corruption attacks by protecting parts of the Windows kernel and drivers through virtualization-based security (VBS). KDP is a set of APIs that provide the ability to mark some kernel memory as read-only, preventing attackers from ever modifying protected memory.
