What is Kernel Mode Driver?

Questions and answers about Widows security.

Kernel mode is a type of environment that contains exceptionally high level privileges. All the drivers that are made for kernel mode and are being run in kernel mode have the same level of privilege.

Another kind of mode is called user mode; in user mode the drivers and programs have limited access and privileges.

In the kernel mode of an operating system, the code that is being executed has complete and uninterrupted access to all the hardware components of a system.

The kernel mode driver can execute any instruction it needs on the CPU without waiting, and can reference any memory address that is available.

The kernel mode is generally used for highly trusted and core operating system components. The kernel mode drivers include:

  • Management Instruments
  • DMA (Direct Memory access)
  • Plug and Play device drivers
  • Power Management
  • Input and Out Queries
  • Video Drivers
  • Card drivers

If a kernel mode driver crashes or starts to function improperly, the whole operating system crashes, destroying all the data and the information and files it is holding in its primary hard drive.

All the programs that have been installed and are running in user mode become non-responsive and void. The kernel mode drivers are not dependent on system advance programming interfaces and can directly access the CPU without generating an interrupt call or waiting for the CPU task to be completed.

Similarly they can use any space available in the memory simply by referencing it. Both the user and the kernel mode are implemented by the CPU hardware. The kernel mode drivers have a high performance due to their privileges. Kernel mode is also known as system mode and kernel mode drivers are also known as system drivers.

This is one of our top 5 most popular articles! Click to get the other 4 best free internet security articles.

More security questions & answers