Here’s a nice explanation of why PatchGuard prevents Windows Vista from being hooked


Jesper Johansson’s Microsoft blog post includes a nice, concise explanation of WHAT PatchGuard does AND why it’s important for Windows Vista (and Server 2003 SP1 on 64-bit) to prevent the kernel from being hooked.

Reading Jesper’s post titled “Security Vendors: Microsoft is making Vista too secure” together with the vibrant debate in the comments should help you get a more rounded perspective.

Incidentally the published hacks for PatchGuard require the attacker to already have compromised the machine and have attained Administrative rights – in other words the game’s already over!