Mitigation Timeline
When each Windows kernel defense landed and how it shifted attacker techniques.
Overview
Windows kernel mitigations have accumulated over a decade. Each new defense raises the cost of exploitation -- but rarely eliminates it. Attackers adapt by finding primitives that work within the new constraints. This page maps each defense to the technique shift it caused.
Timeline Table
| Windows Version | Build | Year | Mitigations Introduced |
|---|---|---|---|
| 8.1 | 9600 | 2013 | SMEP enforcement, kernel pool cookie hardening |
| 10 v1507 | 10240 | 2015 | Kernel VA Shadow (KASLR), CFG for user-mode |
| 10 v1607 | 14393 | 2016 | Kernel Control Flow Guard (kCFG), VBS initial release |
| 10 v1703 | 15063 | 2017 | HVCI (Hypervisor-enforced Code Integrity), Arbitrary Code Guard (ACG) |
| 10 v1709 | 16299 | 2017 | SMAP enforcement, Kernel Data Protection (KDP) preview |
| 10 v1809 | 17763 | 2018 | Retpoline (Spectre v2), import address filtering |
| 10 v1903 | 18362 | 2019 | Kernel pool type isolation, KASAN debug builds |
| 10 v2004 | 19041 | 2020 | Segment Heap for kernel pool, pool randomization |
| 10 v21H2 | 19044 | 2021 | KDP general availability, enhanced KASLR entropy |
| 11 v21H2 | 22000 | 2021 | VBS / HVCI on by default (new hardware), stack protection |
| 11 v22H2 | 22621 | 2022 | Kernel CET (kCET) shadow stacks, Vulnerable Driver Blocklist |
| 11 v23H2 | 22631 | 2023 | Enhanced kCET enforcement, smart app control |
| 11 v24H2 | 26100 | 2024 | CLFS isolation, hardened Secure Pool, admin-less by default |
[Figure: Mitigation Deployment Timeline]
Each milestone marks when a major mitigation first shipped. CVE density bands approximate disclosure volume -- 2025 dominates the corpus due to expanded Patch Tuesday coverage.
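To check the timeline against a real host, the PowerShell script below (an added example, not part of the original page) reads the OS build, lists the table entries that build has reached, and queries the runtime state of the mitigations an administrator can actually configure: VBS, HVCI, kernel shadow stacks (kCET) and the Vulnerable Driver Blocklist. It assumes Windows 10/11 with PowerShell 5.1 or later and the `Win32_DeviceGuard` WMI class; the build-to-mitigation map is copied from the table above, and the function name is this example's own.

```powershell
# Added example, not from the original page: audit a host against the timeline.
# Assumes Windows 10/11, PowerShell 5.1+, and the Win32_DeviceGuard WMI class.
# Build-to-mitigation map copied from the timeline table (configurable entries only).
$Timeline = [ordered]@{
    14393 = 'kCFG, VBS initial release'
    15063 = 'HVCI, Arbitrary Code Guard'
    19041 = 'Segment Heap for kernel pool, pool randomization'
    22000 = 'VBS / HVCI on by default (new hardware)'
    22621 = 'kCET shadow stacks, Vulnerable Driver Blocklist'
    26100 = 'CLFS isolation, hardened Secure Pool'
}

function Get-KernelMitigationReport {
    $build = [int](Get-CimInstance -ClassName Win32_OperatingSystem).BuildNumber

    # Device Guard exposes VBS state and the list of running security services.
    # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running.
    # SecurityServicesRunning codes: 2 = HVCI, 5 = kernel-mode hardware-enforced
    # stack protection (kCET shadow stacks).
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName Win32_DeviceGuard
    $running = @($dg.SecurityServicesRunning)

    # The blocklist is controlled by the documented CI\Config value; when the
    # value is absent, the default for this build applies (opt-in on older builds).
    $ciPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config'
    $blocklist = (Get-ItemProperty -Path $ciPath -ErrorAction SilentlyContinue).VulnerableDriverBlocklistEnable
    $blocklistState = if ($null -eq $blocklist) { 'not configured (build default)' }
                      elseif ($blocklist -eq 1) { 'enabled' }
                      else { 'disabled' }

    [pscustomobject]@{
        Build                     = $build
        ShippedPerTimeline        = @($Timeline.GetEnumerator() |
                                      Where-Object { $_.Key -le $build } |
                                      ForEach-Object { "$($_.Key): $($_.Value)" })
        VbsStatus                 = @('off', 'enabled, not running', 'running')[[int]$dg.VirtualizationBasedSecurityStatus]
        HvciRunning               = ($running -contains 2)
        KernelShadowStacks        = ($running -contains 5)
        VulnerableDriverBlocklist = $blocklistState
    }
}

Get-KernelMitigationReport | Format-List
```

A build that has reached a timeline row but reports VBS off, HVCI not running or the blocklist disabled is exactly the gap the "What's Still Missing" section describes: the mitigation shipped, but it is not protecting that host.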
Impact on Exploitation
Post-SMEP / SMAP (2013--2017)
Blocked: Running user-space shellcode from kernel context. Before SMEP, a write-what-where could redirect a function pointer to user-mode shellcode. SMAP extended this to reads -- the kernel can no longer fetch user pages either.
Attacker adaptation: Data-only attacks. Attackers now modify kernel data structures (tokens, PreviousMode) instead of executing shellcode. Pool spray + token swap became the standard endgame. See Token Swapping.
Post-Segment Heap (2020)
Blocked: Predictable pool layout. The legacy allocator used fixed-size buckets that made heap spraying reliable. Segment Heap added randomization, guard pages, and metadata checks.
Attacker adaptation: Spray objects with known sizes. Named pipe attributes (Pipe Attributes), I/O Ring structures (I/O Ring), and WNF state data (WNF State Data) still land in predictable pool slots, so reclamation stays reliable despite the new allocator.
Post-kCET (2022)
Blocked: ROP in kernel context. kCET uses hardware shadow stacks to verify return addresses. kCFG separately validates indirect call targets, so a function pointer or vtable entry overwritten with an arbitrary address is rejected before the call lands.
Attacker adaptation: kCFG-compliant primitives. CVE-2026-21241 calls RtlSetBit/RtlClearAllBits -- legitimate indirect call targets that pass kCFG validation. The bit-manipulation technique stays inside the existing control flow graph.
Post-CLFS Isolation (2024)
Blocked: Unvalidated BLF metadata offsets -- the most exploited single attack surface in the corpus. CLFS Isolation adds bounds checks on structure offsets and verifies integrity during log operations.
Attacker adaptation: Still evolving. Post-isolation CLFS CVEs (CVE-2025-32713, CVE-2026-20820) show the isolation is incomplete -- new offset validation gaps keep appearing each Patch Tuesday.
What's Still Missing
These attack patterns still work despite current mitigations:
- File format parsing in kernel. NTFS, FAT, and CLFS parse complex on-disk structures in ring 0. VHD mounting triggers this from user context. No sandbox or memory safety boundary protects these parsers.
- IOCTL authorization model. Windows has no mandatory access control for IOCTL codes. Each driver rolls its own checks, and many skip them. See Anatomy of a Secure Driver, anti-pattern 5.
- BYOVD. The Vulnerable Driver Blocklist is opt-in on most configurations and purely reactive -- drivers get blocklisted only after exploitation is observed. The signing model still loads old signed drivers. See BYOVD.
- Pool spray reliability. Segment Heap added randomization, but practical exploitation still achieves reliable reclamation via I/O Ring, named pipes, and WNF objects. The hardening raises cost without preventing the technique.
Cross-References
- SMEP / SMAP -- hardware page-level enforcement
- kCFG / kCET -- control flow integrity and shadow stacks
- VBS / HVCI -- hypervisor-based code integrity
- Pool Hardening -- Segment Heap and pool cookie details
- Corpus Analytics -- the data behind this timeline
- Exploit Chain Patterns -- how chains adapted to each mitigation