In order to protect a host computing system against malicious software—often called “malware”—that can steal or destroy system resources, data, and private information, security software configured to guard against such threats is often implemented in both a kernel mode and a user mode of the host computing system. On at least some occasions, a kernel-level security component may need to send data to a user-level security component, or vice versa, such as to communicate events from one component to the other.