After many years, Microsoft has finally begun to take the security of its operating system seriously. Today we can say that Windows 10 is a secure operating system. At least as much as any other. This system has a large number of internal security measures to protect users, in addition to being installed by default with Windows Defender, Microsoft’s free antivirus to protect the operating system from malware. But everything is improvable. And now Windows 10 is a little more secure thanks to the Kernel Data Protection feature.
What is KDP – Kernel Data Protection
Kernel Data Protection is a new security measure implemented by Microsoft to protect the operating system from all kinds of computer attacks. This security measure, mainly, is to protect certain parts of the Kernel as “read only” so that nothing and nobody can alter them.
Thanks to this security measure, the operating system will end data corruption attacks, a very frequent type of attack in Windows that allows you to gain privileges on the system and evade other security systems. Thanks to this new feature, attacks that took advantage of other security measures, such as Code Integrity (CI) and Control Flow Guard (CFG), will be completely mitigated.
Microsoft assures that the use of KDP in Windows 10 will offer users significant advantages that will improve, in addition to security, the overall operating system experience. Among others, these advantages are:
- Improve performance. Windows no longer needs to constantly verify that variables have been write protected, thus reducing the system load for this task.
- Improves reliability. Error diagnostics are now more accurate, as memory corruption does not have to represent a vulnerability.
- It enables developers to create more secure drivers through virtualization.
In order to use KDP, it is only necessary that our system supports virtualization-based security (VBS). Therefore, any computer that complies with the following may use it:
- Virtualization extensions from AMD, Intel or ARM.
- Second-level address translations, such as EPT for Intel, NPT for AMD, and Stage 2 for ARM.
- MBEC hardware (optional) to lower performance cost with HVCI.
Broadly speaking, any relatively modern computer will be able to take advantage of this security measure. Measurement that, in addition, will come activated by default, and that we will not have to configure.
At the moment, this new security measure is only available to Windows 10 Insider users. Specifically, on the Dev channel, the most advanced and unstable of all. Starting with Windows 10 21H1 build 20161, all builds will come with this security measure enabled by default, as long as the hardware allows.
We don’t know when Microsoft will bring its KDP to the stable branch of Windows. If its development is progressing a lot and can be considered stable, we may see it a bit early, specifically with the launch of Windows 10 20H2. However, most likely, until the arrival of Windows 10 21H1, the first update of next year 2021, we will not receive this new security measure.