Truth is all fancy EDRs and endpoint security can be disabled by an attack like this. With Driver control using HVCI on Windows 10 this attack is prevented. You don’t need to buy this, it’s included in Windows 10 pro and up. All Secured core PCs have it on by default.https://twitter.com/SwiftOnSecurity/status/1225494447980453890 …
It would be interesting to see some real-world statistics for how HVCI affects performance. Both with a modern-enough CPU to support the performance enhancements that @dwizzzleMSFT mentioned, as well as with systems that aren't so lucky.
-
-
I didn't run any benchmarks, but I didn't see any noticeable performance difference on 7th Gen or later with HVCI on.
-
This is expected you would only see smaller changes in specific benchmarks which is why we should clarify the docs
- 17 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.