[united893]

Why would they do that? They don't need to send the data through the kernel, they can just IPC it to the process and use the existing telemetry stack.

Also, what gives you panic here? What more damage can they do than running in user mode? They can already access all your files, steal all your cookies etc.

[zeusk]

well because if an attack vector is found in their anti-cheat driver, attackers could use it to access memory space of other processes and not just user accessible files or launch a privileged process for keeping tab on your system.