top | item 46992279

(no title)

arcfour | 17 days ago

There are a number of Microsoft-signed drivers that have vulnerabilities in them that can be exploited allowing kernel-level access (memory read/write primitives, etc.) - they would load fine under Secure Boot - and, indeed, malware already has exploited this before.

This does make cheating harder, and does make it a cat-and-mouse game where signatures are revoked and they move on to a new driver, but the fact of the matter is - there are a ton of drivers out there and some of them will always be vulnerable in some way. To this end, I think focusing on client-side anti-cheat at all is a lost cause.

discuss

No comments yet.