Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability
(www.theregister.com)
Doesn’t having admin privileges mean you can load any driver into the kernel anyway, including blatantly malicious drivers?
I'm not sure that's necessarily true with enforcement of driver signing.
The latest OS kernels typically make some effort to resist arbitrary code injection even by the system administrator and sometimes go even further against an attacker with a read/write primitive on the kernel. Linux with secure boot will refuse to load unsigned kernel modules for example.
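An added example, not part of the thread: a check of whether a running Linux kernel will refuse unsigned modules, based on the `sig_enforce` module parameter and the kernel lockdown mode. It assumes the standard sysfs and securityfs paths; whether Secure Boot turns lockdown on automatically depends on the distribution's kernel, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: report whether this kernel refuses unsigned modules.
# Either file may be absent on kernels built without module signing
# or without the lockdown LSM, so every read tolerates failure.

# active_lockdown "<file contents>" prints the bracketed (active) mode,
# e.g. "none [integrity] confidentiality" -> integrity
active_lockdown() {
    printf '%s\n' "$1" | sed -n 's/.*\[\([a-z]*\)].*/\1/p'
}

# module_policy <sig_enforce value> <lockdown mode>
# prints: enforced | permissive | unknown
module_policy() {
    case "$1" in
        Y|1) echo enforced; return 0 ;;
    esac
    case "$2" in
        integrity|confidentiality) echo enforced ;;  # lockdown requires signed modules
        none) echo permissive ;;
        *)
            # No lockdown information: fall back on sig_enforce alone.
            if [ "$1" = N ] || [ "$1" = 0 ]; then
                echo permissive
            else
                echo unknown
            fi ;;
    esac
}

report() {
    sig=$(cat /sys/module/module/parameters/sig_enforce 2>/dev/null || echo unknown)
    raw=$(cat /sys/kernel/security/lockdown 2>/dev/null || echo "")
    mode=$(active_lockdown "$raw")
    echo "sig_enforce=$sig lockdown=${mode:-unknown} policy=$(module_policy "$sig" "$mode")"
}

report
```

A result of `permissive` means an administrator can still load an unsigned module on that host.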
Why’s that? I thought admin could override that.
It is part of the SSSCA / CBDTPA / "Trusted" computing initiative. The large corporations want to control what you are allowed to do with your computer. This is where the phrase "digital rights management" comes from.