Provided by: SecurityTube.net
Date Added: Nov 2014
The security features added in modern 64-bit versions of Windows raise the bar for kernel mode rootkits. Loading unsigned drivers, which is what most rootkits will attempt to do, is denied by driver signature enforcement. PatchGuard protects the integrity of the running kernel, preventing them from modifying critical structures and setting up hooks.