A core priority of the Windows Kernel team is to keep the operating system, applications, and users secure. Like many operating systems, Windows has a large codebase, a driver ecosystem, and a complex set of dependencies. Every day, many malicious actors attempt to find vulnerabilities. To fix these vulnerabilities, Microsoft has historically combined a group of security fixes into what is known as a security patch. Traditionally, security patches have been deployed on the second Tuesday of every month, known as Patch Tuesday. These patches are developed by feature teams as a fix for various security vulnerabilities in the OS. By providing these security patches, we aim to make the Windows OS more secure and eliminate the opportunity for malicious actors to exploit vulnerabilities.

Within each patch, both user mode (application) and kernel mode (system) binaries can be updated, and typically this requires a reboot. Some scenarios require continuous or near-continuous availability. For example, the instances of Windows Server that power the Azure fleet are required to be highly available. However, we also require these operating system instances to be secure. While technologies like Kernel Soft Reboot and VM preserving host updates already exist to minimize VM downtime while changing major OS releases, security patches are applied frequently enough that even this technique impacts downtime.

Usually, many binaries from all over the system are accessed and changed when a patch is applied. A reboot is almost always required because a binary that must be updated is usually actively mapped in one or more processes, so its code may be currently executing. Certain kernel and user-mode binaries, like win32k.sys or ntdll.dll, are always loaded into memory, and some others, like Explorer.exe, are loaded when there is an active user session. When binaries such as these are patched as part of an update, a restart is required for the patch to be successfully installed. When an update targets the NT kernel or additional core components, a restart is always required because it is not possible to unload those binaries while their code is executing.
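To see the "actively mapped in one or more processes" point on a live system, the following PowerShell sketch counts the running processes that currently have a given user-mode binary loaded. It is an added example, not code from the original post; the function name `Get-MappedBinaryUsage` is hypothetical, and the default module names are the two user-mode binaries named in the text.

```powershell
# Added example: list how many running processes have a binary mapped.
# Run elevated for fuller coverage; protected processes stay unreadable.
function Get-MappedBinaryUsage {
    param(
        # User-mode binaries named in the text; matching is case-insensitive.
        [string[]]$ModuleName = @('ntdll.dll', 'Explorer.exe')
    )

    $unreadable = 0
    $hits = foreach ($proc in Get-Process) {
        $mods = $null
        try { $mods = $proc.Modules } catch { }   # access denied or process exited
        if (-not $mods) { $unreadable++; continue }

        foreach ($m in $mods) {
            if ($ModuleName -contains $m.ModuleName) {
                [pscustomobject]@{
                    Module    = $m.ModuleName.ToLowerInvariant()
                    Path      = $m.FileName
                    ProcessId = $proc.Id
                    SessionId = $proc.SessionId
                }
            }
        }
    }

    # One summary row per binary: every process counted here keeps the old
    # image mapped until it exits, which is why replacing it needs a restart.
    $summary = $hits | Group-Object Module | ForEach-Object {
        [pscustomobject]@{
            Module       = $_.Name
            ProcessCount = $_.Count
            Sessions     = ($_.Group.SessionId | Sort-Object -Unique) -join ','
            Paths        = ($_.Group.Path | Sort-Object -Unique) -join '; '
        }
    }

    [pscustomobject]@{
        Summary              = $summary
        UnreadableProcesses  = $unreadable   # module list could not be read
    }
}

$result = Get-MappedBinaryUsage
$result.Summary | Format-Table -AutoSize
"Processes whose module list could not be read: $($result.UnreadableProcesses)"
```

Kernel-mode binaries such as win32k.sys do not appear in per-process module lists, so this check covers only the user-mode half of the paragraph above.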