In a conventional operating system, once malware (e.g., “viruses,” “worms,” “Trojan horses,” “spyware,” or “adware”) gains certain access privileges, such as root or administrative privilege, the malware can cause significant damage to software or hardware within the system. In particular, the malware can modify certain security settings of system components or applications running within the operating system, which in turn defeats most or all of the security measures present within the system. The security concerns caused by malware impact nearly all types of processor-based electronic devices and are a particular concern for computing devices. Server or workstation computing devices; laptop and mobile computing devices; tablet computing devices; cell phones; personal digital assistants (“PDAs”); music and video players; network routers, switches or bridges; and other devices utilizing a microprocessor, microcontroller, or digital signal processor to execute coded instructions have all been the subjects of attacks by malicious code.
A number of methodologies have been used in an attempt to reduce or eliminate both the attacks and the influence of malicious or defective code. Generally, these methodologies include detection, prevention, and mitigation. Specifically, they range from attempts to scan, identify, isolate, and possibly delete malicious code before it is introduced to the system or before it does harm (as is the objective of anti-virus software and the like), to restricting or containing the actions which may be taken by processes affected by malicious or defective code. However, most of these techniques are ineffective if the malware gains access to administrative privileges for the operating system.