CPC G06F 21/554 (2013.01) [G06F 9/545 (2013.01); G06F 9/547 (2013.01); G06F 21/33 (2013.01); G06F 21/566 (2013.01)] | 20 Claims |
1. A method comprising:
performing, by a software security agent executing in kernel mode of a computing device, a security action with respect to a malicious data object or a malicious activity detected on the computing device;
providing, by the software security agent, to one or more user mode components, a token associated with a user session in which the malicious data object or the malicious activity was detected;
receiving, by the one or more user mode components, based at least in part on the token, a pointer to one or more Component Object Model (COM) interfaces; and
outputting, via an output device of the computing device, and using the pointer to the one or more COM interfaces, a notification to indicate that the security action was performed.
|