by stable-point 3599 days ago
> if someone has those rights, you're already screwed.

I think that this was once true, but Secure Boot was an attempt to improve the situation. My understanding is that Microsoft's Virtualization Based Security (which Device Guard/Credential Guard are built upon) relies on the assumption that the boot process is secure. If an attacker could have their rootkit load before the OS/Hyper-V, then they render those mitigations useless.