diff --git a/src/internal/ntapi_impl.h b/src/internal/ntapi_impl.h
index 7bc010a..0a41fc7 100644
--- a/src/internal/ntapi_impl.h
+++ b/src/internal/ntapi_impl.h
@@ -72,6 +72,8 @@ typedef struct ___ntapi_img_sec_bss {
 typedef struct __attr_ptr_size_aligned__ _ntapi_internals {
 nt_runtime_data * rtdata;
 nt_port_name * subsystem;
+ nt_security_descriptor seq_desc;
+ nt_security_quality_of_service seq_qos;
 void * htoken;
 void * hport_tty_session;
 void * hport_tty_daemon;
diff --git a/src/process/ntapi_tt_fork.c b/src/process/ntapi_tt_fork.c
index 9f498eb..0863ead 100644
--- a/src/process/ntapi_tt_fork.c
+++ b/src/process/ntapi_tt_fork.c
@@ -17,6 +17,45 @@ static intptr_t __fork_retry_stats = 0;
 static intptr_t __fork_resume_stats = 0;
+static intptr_t __fastcall __ntapi_tt_fork_finalize(
+ void ** hprocess,
+ void ** hthread)
+{
+ int32_t status;
+ nt_oa oa;
+ nt_cid cid;
+ ntapi_internals * __internals;
+
+ __internals = __ntapi_internals();
+
+ *hprocess = 0;
+ *hthread = 0;
+
+ oa.len = sizeof(oa);
+ oa.root_dir = 0;
+ oa.obj_name = 0;
+ oa.obj_attr = 0;
+ oa.sec_desc = &__internals->seq_desc;
+ oa.sec_qos = &__internals->seq_qos;
+
+ cid.process_id = pe_get_current_process_id();
+ cid.thread_id = pe_get_current_thread_id();
+
+ if ((status = __ntapi->zw_open_process(
+ hprocess,
+ NT_PROCESS_ALL_ACCESS,
+ &oa,&cid)))
+ return status;
+
+ if ((status = __ntapi->zw_open_thread(
+ hthread,
+ NT_THREAD_ALL_ACCESS,
+ &oa,&cid)))
+ return status;
+
+ return 0;
+}
+
 static int32_t __stdcall __fork_thread(void * ctx)
 {
 intptr_t * pstate;
@@ -207,9 +246,12 @@ intptr_t __fastcall __ntapi_tt_fork(
 pid = __ntapi_tt_fork_v2(hprocess,hthread);
 if (pid == 0) {
- return __ntapi_tt_fork_child(
+ __ntapi_tt_fork_child(
 hresumed,hready);
+
+ return __ntapi_tt_fork_finalize(
+ hprocess,hthread);
+
 } else if (pid > 0) {
 if (!(__ntapi_tt_fork_parent(
 hprocess,hthread,
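Review bot: Nothing on this page initializes the new `seq_desc` and `seq_qos` members, yet the ntapi_tt_fork.c hunk passes their addresses as `oa.sec_desc` and `oa.sec_qos` to the open calls. If the setup lives outside this commit, a comment on the two fields should say where it happens and what they hold, e.g. `/* default descriptor and QoS for self-opened handles; set in <init routine> */`. If it does not exist, the open calls receive whatever the internals block happens to contain. The `seq_` prefix also differs from the `sec_` prefix of the `nt_oa` members these fields feed, which reads like a typo.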
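Review bot: If `zw_open_thread` fails, `__ntapi_tt_fork_finalize` returns the status while `*hprocess` still holds the `NT_PROCESS_ALL_ACCESS` handle opened a few lines earlier, so a caller that only checks the return value leaks a full-access handle to its own process. Release it on that path with `__ntapi->zw_close(*hprocess); *hprocess = 0;` before `return status;`. The function also funnels a 32-bit status into the `intptr_t` that `__ntapi_tt_fork` returns as the pid, and `if ((status = ...))` treats any non-zero status as failure, so a positive non-zero status would presumably read as a parent pid to the caller; a header comment stating the return convention would pin this down. Separately, the call site further down the page now drops the result of `__ntapi_tt_fork_child` before calling this function, which is worth either checking or explaining in a comment.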