Isolated User Mode Processes and Features in Windows 10 with Logan Gabriel

Sign in to queue

The Discussion

  • User profile image
    Julien Couvreur

    For those pressed for time, this episode discusses how the isolated user mode was pen-tested. Also, discusses some possible applications for this, such as virtual TPM (a process keeping secrets, similar to TPM keeping secrets in hardware).

  • User profile image

    I guess that something cool to port into this secure world is patcguard so even the kernel cannot change it. A lot of way to disable is to modify the kernel,
    but let say that patchguard could be initialized (during the uefi boostrap)and placed into a that secure world than it would became impossible to hack it.

  • User profile image

    I doubt he has time to follow the thread here, but I'd love to hear what Mr. Gabriel's insights on the "hive" in relation to kernel mode, isolated user mode etc. are. Great video.=> Glad the dice comment made the cut! I've been absent from the progress of the ntkernel since early/mid 5 and this really helped to give me a birds-eye view of the, errr, state of the union, so to speak. Cheers ! :0)

  • User profile image

    Are these in order?

    Part 1: Isolated User Mode

    Part 2: Isolated User Mode Processes and Features (This Video)

    Part 3: More on Process and Features


    Really enjoying these videos!

    Thank you for sharing!


Add Your 2 Cents