Interesting.
Win11 24H2 shut down one of the easy Windows exploit KASLR bypasses: enumerating loaded device drivers to identify the base address of the kernel module.
EnumDeviceDrivers now requires SeDebugPrivilege to return valid ImageBase values.
No privs, returned lpImageBase array = all NULL.