This specification relates computer security.
A computer system can be compromised by hostile software applications or processes (e.g., malware, viruses, etc.). A hostile software application can cause an operating system kernel to write data to memory locations specified by the hostile software application. For example, the hostile software application can exploit defects and/or vulnerabilities associated with an operating system and cause the operating system kernel to modify the instructions associated with the kernel (e.g., insert a backdoor that allows a user or other software to circumvent security measures or that grants a user or software improper access). As another example, the hostile software application can cause the operating system kernel to modify data stored in various data structures or tables used by the Central Processing Unit (CPU) or operating system (e.g., an interrupt descriptor table, global descriptor table, etc.). In addition, the hostile software application can exploit the defects and/or vulnerabilities associated with an operating system to determine the location of a resource associated with the CPU or operating system (e.g., an interrupt descriptor table or a global descriptor table) using commands associated with the CPU. For example, the hostile software application can use the SIDT instruction to cause the CPU to provide the address of the interrupt descriptor table.