Your anti-cheat software has the same system access as your antivirus
The game you're playing probably has kernel access. So does your VPN. So does TeamViewer. So does that hardware monitoring tool running in your system tray.
Kernel access lets software interact directly with your operating system's core. Performance benefits and advanced functionality come with massive security risks. After CrowdStrike crashed 8.5 million computers, it's worth knowing which applications on your machine have this level of access—and which ones don't need it.
The following is a list of applications that may require kernel access.
Best practice is to limit kernel access to only the most necessary applications.
| Application | Purpose | Examples |
|---|---|---|
| Anti-Cheat Software | Monitors game processes, memory, and hardware to detect low-level cheating | Vanguard, EasyAntiCheat, BattlEye |
| Security Software | Protects against malware by monitoring system calls and intercepting malicious activities | Antivirus, EDR solutions |
| Virtualization Software | Manages virtual machines with direct hardware access for near-native performance | VMware, VirtualBox, Hyper-V |
| Performance Monitoring Tools | Monitors CPU frequencies, temperatures, voltages; enables hardware overclocking | MSI Afterburner, HWiNFO |
| Remote Access Software | Enhances remote desktop functionality and secure connections | TeamViewer, RealVNC |
| Backup and Recovery Software | Creates disk images, backs up locked files, performs bare-metal recovery | Acronis, Macrium Reflect |
| Disk Management Tools | Manipulates partition tables, file systems, and disk structures at low level | EaseUS, MiniTool Partition Wizard |
| VPN Clients | Bypasses user-mode processing for better throughput and network traffic interception | Some enterprise VPN solutions |
| Development and Debugging Tools | Inspects kernel memory, sets hardware breakpoints, analyzes system crashes | WinDbg, Sysinternals tools |
Recognizing when software is requesting kernel-level access is essential for system security:
When kernel access is unavoidable, implement these protective measures:
Consider these alternatives before granting kernel access:
Be alert to these red flags when evaluating software requesting kernel access:
Limit kernel access to software that genuinely requires it. Verify publisher reputation before installing anything that asks for it.
Your anti-cheat software has the same system access as your antivirus
The game you're playing probably has kernel access. So does your VPN. So does TeamViewer. So does that hardware monitoring tool running in your system tray.
Kernel access lets software interact directly with your operating system's core. Performance benefits and advanced functionality come with massive security risks. After CrowdStrike crashed 8.5 million computers, it's worth knowing which applications on your machine have this level of access—and which ones don't need it.
The following is a list of applications that may require kernel access.
Best practice is to limit kernel access to only the most necessary applications.
| Application | Purpose | Examples |
|---|---|---|
| Anti-Cheat Software | Monitors game processes, memory, and hardware to detect low-level cheating | Vanguard, EasyAntiCheat, BattlEye |
| Security Software | Protects against malware by monitoring system calls and intercepting malicious activities | Antivirus, EDR solutions |
| Virtualization Software | Manages virtual machines with direct hardware access for near-native performance | VMware, VirtualBox, Hyper-V |
| Performance Monitoring Tools | Monitors CPU frequencies, temperatures, voltages; enables hardware overclocking | MSI Afterburner, HWiNFO |
| Remote Access Software | Enhances remote desktop functionality and secure connections | TeamViewer, RealVNC |
| Backup and Recovery Software | Creates disk images, backs up locked files, performs bare-metal recovery | Acronis, Macrium Reflect |
| Disk Management Tools | Manipulates partition tables, file systems, and disk structures at low level | EaseUS, MiniTool Partition Wizard |
| VPN Clients | Bypasses user-mode processing for better throughput and network traffic interception | Some enterprise VPN solutions |
| Development and Debugging Tools | Inspects kernel memory, sets hardware breakpoints, analyzes system crashes | WinDbg, Sysinternals tools |
Recognizing when software is requesting kernel-level access is essential for system security:
When kernel access is unavoidable, implement these protective measures:
Consider these alternatives before granting kernel access:
Be alert to these red flags when evaluating software requesting kernel access:
Limit kernel access to software that genuinely requires it. Verify publisher reputation before installing anything that asks for it.