The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 03, 2013
Filed:
Sep. 21, 2011
Royce LU, Taipei, TW;
Ming-chang Shih, Taipei, TW;
Wen-chih Lee, Taipei, TW;
Trend Micro Incorporated, Tokyo, JP;
Abstract
A computer is protected from argument switch attacks by intercepting a function call to terminate a process. The function call and a handle used as an argument in the function call are forwarded by an antivirus system service descriptor table to an antivirus. The antivirus is configured to evaluate the function call to determine whether or not the function call is terminating an antivirus process. A consistent handle table includes a listing of handles of processes employed as arguments in function calls that terminate processes and are approved by the antivirus. Instructions that close a handle are detected by the antivirus, which compares the handle to those in the consistent handle table. The antivirus blocks those instructions that close a handle that is included in the consistent handle table.