Comment on Microsoft is moving antivirus providers out of the Windows kernel. Hopefully anti-cheat will be next
DarkMetatron@feddit.org 1 day agoThere already is a API for this with ebpf for Windows and it is the same API that can be used on Linux (because it originates from Linux).
microsoft.github.io/ebpf-for-windows/
EBPF still runs in Kernel space but in a much more limited and confined way.