Many of us know that normal security programs can’t detect malware that directly attacks the Kernel. That malware is a beast. Windows XP is the most exposed to attacks, as from May it will no longer receive security updates, but the matter concerns all OSes.
Therefore the most important thing to develop is surely a deeper protection of our PCs up to the Kernel.
The program AppLocker already protects the Kernel (at least partially), so my request is possible.
The new Comodo Internet Security 7 BETA does have a behavior blocker. They are still developing it. Basically it monitors programs and undoes any malicious changes made. I would not try it until stable release though.
I believe CIS already does this. It monitors all unknown programs, and will not allow them kernel access unless the user explicitly allows it.
CIS protects the kernel; it monitors driver loading and starting of services.
For protecting XP after Microsoft stops support, I would suggest using EMET to prevent exploits from getting a foot in the door.
You need to update to Windows 7 or 8 to get kernel updates. Keeping XP is not a good idea from a security perspective unless you run it in a VM after the security updates end.