Defense in depth — the Microsoft way (part 85): escalation of privilege plus remote code execution with HVCISCAN.exe

Read Time:22 Second

Posted by Stefan Kanthak on Jun 07

Hi @ll,

about a month ago Microsoft published HVCIScan-{amd,arm}64.exe, a
“Tool to check devices for compatibility with memory integrity (HVCI)”

The “Install instructions” on the download page
<https://www.microsoft.com/en-us/download/105217> tell:

| Download the hvciscan.exe for your system architecture (AMD64 or ARM64).
| From an elevated command window or PowerShell, run hvciscan.exe

“ELEVATED” sounds…

Read More