HVCI Bypass

Introduction: The Fortress of Kernel Security

In the ever-evolving landscape of Windows security, few defenses have raised the bar as high as Hypervisor-Protected Code Integrity (HVCI). Introduced with Windows 10 (1803) and later made mandatory for certain features in Windows 11, HVCI, often referred to as "Memory Integrity" in the Windows Security UI, is a virtualization-based security (VBS) feature that fundamentally changes how kernel memory is protected.

HVCI ensures that kernel-mode code pages cannot be made writable and executable simultaneously. In simpler terms, it prevents an attacker (or a vulnerable driver) from injecting malicious shellcode into the kernel and executing it.

If an attacker achieves arbitrary kernel read/write (via a vulnerable driver), they can patch g_CiOptions from 0x10 (HVCI enabled) to 0x00 (disabled) or modify the Microsoft_Windows_HyperV_KernelCodeIntegrity_Enable flags.

Modern HVCI implementations store these flags in read-only pages enforced by the hypervisor. However, researchers have found that certain versions of Windows (before 20H2) did not properly lock down g_CiEnabled. By locating this variable via pattern scanning and overwriting it, an attacker could blind the hypervisor into thinking HVCI was never turned on.

The exploit chain Brine (CVE-2020-17087 & CVE-2020-1054) used a pool overflow to achieve arbitrary write and then patched the CI flag. This was a classic logical HVCI bypass.

3.2 Operational Bypass: Race Conditions in PTE Modification

HVCI relies on the hypervisor to synchronize shadow page tables with the guest's PTEs. If an attacker can modify a PTE after the hypervisor has validated it but before the CPU uses it, they can slip in a forbidden permission. Intel's Transactional Synchronization Extensions (TSX) and hypervisor-assisted locks make this nearly impossible on modern hardware.

3.3 The "Signed Driver Abuse" Bypass

HVCI does not block signed kernel drivers; it blocks modification of driver code. However, a driver that is already signed and has a vulnerability can be used as a proxy to execute arbitrary code without violating HVCI.

CVE-2019-0887: An information disclosure in the hypercall HvlSwitchToVsmVtl1 allowed attackers to leak hypervisor memory. While not a full bypass, it paved the way for mapping hypervisor structures. A true vulnerability in the hypervisor's page table management could allow an attacker to directly modify the SLAT mappings, disabling HVCI for a specific page.

3.5 Hardware-Based Bypasses (Speculative Execution)

The Spectre and Meltdown class of vulnerabilities provided an indirect HVCI bypass.
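Because every bypass above ends with HVCI being silently off, the defender's first question is whether the host still reports it configured and running. The following PowerShell is an added example, not code from the original article: it queries the documented Win32_DeviceGuard WMI class and the Memory Integrity registry policy and flags a host whose configured state and running state disagree.

```powershell
# Added example: report HVCI (Memory Integrity) configured vs. running state.
# Win32_DeviceGuard is the documented class; in SecurityServicesConfigured and
# SecurityServicesRunning the value 2 denotes HVCI.
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard

$hvciConfigured = $dg.SecurityServicesConfigured -contains 2
$hvciRunning    = $dg.SecurityServicesRunning    -contains 2

# Policy knob the Windows Security UI toggles (Enabled: 0 = off, 1 = on).
$regPath    = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity'
$regEnabled = (Get-ItemProperty -Path $regPath -Name Enabled -ErrorAction SilentlyContinue).Enabled

[pscustomobject]@{
    # VirtualizationBasedSecurityStatus: 0 = disabled, 1 = enabled but not running, 2 = running
    VbsStatus       = $dg.VirtualizationBasedSecurityStatus
    RegistryEnabled = $regEnabled
    HvciConfigured  = $hvciConfigured
    HvciRunning     = $hvciRunning
}

# A host whose policy says HVCI is on but which does not report it running has
# drifted from its baseline; that drift is the finding to investigate, not the
# absence of a malware signature.
if (($regEnabled -eq 1 -or $hvciConfigured) -and -not $hvciRunning) {
    Write-Warning 'HVCI is configured but not reported as running on this host'
}
```

Run it with administrative rights; on a fleet, record the returned object per host and alert on any change from the last known state.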