Two security researchers at search engine giant Google have discovered 20 kernel bugs, about half remaining unpatched, affecting Windows, Linux and the popular VMware virtualization software over the last several years. Google engineers, Julien Tinnes and Tavis Ormandy said kernel security must improve. They shared their kernel security research recently at the CanSecWest Applied Security Conference. They say they hope their data motivates operating system developers to reduce the kernel attack surface.
The kernel is the underlying code base of an operating system where processes, resources and memory allocation is handled. While attacks against kernel flaws are few in number because they take an increased sophistication to pull off, they can be serious because a successful attack could give cybercriminals complete access to a system and all its resources.

The link for this article located at Search Security is no longer available.