This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
A thread that is inside a critical region executes with user APCs and normal kernel APCs disabled. A thread inside a guarded region runs with all APCs disabled.
A driver can enter and exit a critical region as follows:
Call KeEnterCriticalRegion to enter a critical region.
Call KeLeaveCriticalRegion to exit a critical region.
Each call to KeEnterCriticalRegion must have a matching call to KeLeaveCriticalRegion.
A driver can enter and exit a guarded region as follows:
Call KeEnterGuardedRegion to enter a guarded region.
Call KeLeaveGuardedRegion to leave a guarded region.
Each call to KeEnterGuardedRegion must have a matching call to KeLeaveGuardedRegion.
Drivers that were developed for Windows Server 2003 and later versions of Windows can use guarded regions to disable special kernel APCs. Drivers that were developed for earlier operating systems can disable special kernel APCs by raising the current IRQL to APC_LEVEL by calling KeRaiseIrql. Use KeLowerIrql to lower the current IRQL to the previous value.
Training
Module
Secure Windows Server user accounts - Training
Protect your Active Directory environment by securing user accounts to least privilege and placing them in the Protected Users group. Learn how to limit authentication scope and remediate potentially insecure accounts.