Safe Unlinking in the Kernel Pool

Windows 7 includes low-level integrity checks not included with earlier versions of Windows to reduce the risk of overruns. Malware frequently uses different types of overruns to run elevated privileges and code without the user’s consent. Essentially, Windows 7 double-checks the contents of memory in the pool—a portion of memory that applications use temporarily but which is managed by the operating system. If the pool has been modified or corrupted, Windows 7 initiates a bug check that prevents more code from running.

According to internal Microsoft testing, the additional memory checking does not have a measurable performance impact. For more information, read “Safe Unlinking in the Kernel Pool” at

Source of Information : Windows 7 Resource Kit 2009 Microsoft Press

No comments:

Cloud storage is for blocks too, not just files

One of the misconceptions about cloud storage is that it is only useful for storing files. This assumption comes from the popularity of file...