Windows 11 support

c++ / delphi package - dll injection and api hooking
Post Reply
gracklow12
Posts: 2
Joined: Mon Jun 28, 2021 11:54 pm

Windows 11 support

Post by gracklow12 »

Hi,

Any idea on support for Windows 11? Looks like there are a lot of security updates which may affect hooking.

m
madshi
Site Admin
Posts: 10434
Joined: Sun Mar 21, 2004 5:25 pm

Re: Windows 11 support

Post by madshi »

Do you have a link which describes those security updates? I've most only seen GUI improvements being mentioned, and cutting of old hardware support and cutting of 32bit support.
madshi
Site Admin
Posts: 10434
Joined: Sun Mar 21, 2004 5:25 pm

Re: Windows 11 support

Post by madshi »

Some/most of these things are already available in Windows 10 to some extent. E.g. TPM 2.0 and SecureBoot are already supported by Windows 10, just not required. But I don't think they have any effect on madCodeHook. Except that SecureBoot randomly comes with the requirement to use EV certificates for driver signing.

They mention hardware-enforced stack protection, by which they probably mean CET, but that's already included in the latest Windows 10 build, and madCodeHook has recently been updated to support CET.

They mention a "Microsoft Pluton security processor", no idea what that is and whether it would impact madCodeHook in any way.

"Secured-core PCs" sounds like a protection for the BIOS etc, which is "nice", but doesn't have anything to do with madCodeHook.

Overall, I'm not too scared just yet, but let's wait and see.
choochy2003
Posts: 84
Joined: Fri Mar 21, 2008 4:52 am
Location: Adelaide, South Australia
Contact:

Re: Windows 11 support

Post by choochy2003 »

I have tested our product on the latest Windows 11 Insider Preview build and the injection, hooking & IPC all seem to work as expected.
madshi
Site Admin
Posts: 10434
Joined: Sun Mar 21, 2004 5:25 pm

Re: Windows 11 support

Post by madshi »

Sounds good, thanks for the heads-up.
choochy2003
Posts: 84
Joined: Fri Mar 21, 2008 4:52 am
Location: Adelaide, South Australia
Contact:

Re: Windows 11 support

Post by choochy2003 »

Also, to aid in testing without needing Microsoft Certification for every build (although you still need the drivers signed by an EV code signing), you can bypass the Secure Boot check in Windows 11. That is how I run my test builds under Windows 11.

Follow these instructions to bypass the Secure Boot check:
  • Open Registry Editor.
  • Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\Setup.
  • From the left-hand side right-click on the Setup registry key and choose New > key and name it as “LabConfig”.
  • Next right click on the LabConfig registry key and choose New > DWORD (32-bit value) and name it as BypassSecureBootCheck DWORD.
  • Double click on the BypassSecureBootCheck DWORD and set the value as 1 and click on OK.
bypasssecureboot.jpg
bypasssecureboot.jpg (60.59 KiB) Viewed 1031 times
  • Now restart the system and try and run your DLL injection process.
Last edited by choochy2003 on Tue Jul 06, 2021 9:18 am, edited 1 time in total.
madshi
Site Admin
Posts: 10434
Joined: Sun Mar 21, 2004 5:25 pm

Re: Windows 11 support

Post by madshi »

Great - thanks!
Post Reply