A Deep Dive Analysis of Microsoft’s Kernel Virtual Address Shadow Feature

One of the key features of Microsoft‘s patches is the “Kernel Virtual Address Shadow” (a term coined by Microsoft), or KVAS for short. This feature effectively blocks the Meltdown attack, as it leaves very little kernel memory accessible to user mode code. In this blog post we provide a deep dive analysis of this feature.

Article Link: https://blog.fortinet.com/2018/01/25/a-deep-dive-analysis-of-microsoft-s-kernel-virtual-address-shadow-feature