diff --git a/README.md b/README.md index ebea825..3c41728 100644 --- a/README.md +++ b/README.md @@ -149,7 +149,7 @@ configuration file. - Enable the kernel Electric-Fence sampling-based memory safety error detector which can identify heap out-of-bounds access, use-after-free, and invalid-free errors. -- Provide the option to disable 32 bit vDSO mappings. +- Disable 32-bit vDSO mappings as they are a legacy compatibility feature. - Provide the option to use kCFI as the default CFI implementation since it may be slightly more resilient to attacks that are able to write arbitrary executables diff --git a/etc/default/grub.d/40_kernel_hardening.cfg b/etc/default/grub.d/40_kernel_hardening.cfg index 8ae6ed6..33f98fc 100644 --- a/etc/default/grub.d/40_kernel_hardening.cfg +++ b/etc/default/grub.d/40_kernel_hardening.cfg @@ -134,13 +134,13 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX debugfs=off" ## GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX kfence.sample_interval=100" -## Disable x86 Virtual Dynamic Shared Object (vDSO) mappings. +## Disable 32-bit Virtual Dynamic Shared Object (vDSO) mappings. +## Legacy compatibility feature for superseded glibc versions. ## -## https://en.wikipedia.org/wiki/VDSO +## https://lore.kernel.org/lkml/20080409082927.BD59E26F992@magilla.localdomain/T/ +## https://lists.openwall.net/linux-kernel/2014/03/11/3 ## -## The use of 32 bit vDSO mappings is currently enabled. -## -#GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX vdso32=0" +GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX vdso32=0" ## Switch (back) to using kCFI as the default Control Flow Integrity (CFI) implementation. ## The default implementation is FIneIBT as of Linux kernel 6.2.
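Review bot: The README hunk changes the wording from "Provide the option to disable" to "Disable ... as they are a legacy compatibility feature", so the document now describes an unconditional default rather than an opt-in, but it does not tell readers running old 32-bit userspace how to opt back out. Since the companion config hunk justifies the change with "Legacy compatibility feature for superseded glibc versions", carry that qualification into the README entry and add a short pointer such as "comment out the vdso32=0 line in etc/default/grub.d/40_kernel_hardening.cfg to restore it", so the behavioural change and its escape hatch are both documented where users look first.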
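Review bot: In the 40_kernel_hardening.cfg hunk, replacing the Wikipedia reference with two mailing-list threads removes the only self-describing source and leaves the claim "Legacy compatibility feature for superseded glibc versions" unsupported in the file itself; add a one-line summary of what those threads establish (which glibc versions still depend on the 32-bit vDSO and what a 32-bit process experiences with vdso32=0) so a maintainer can evaluate the hardening trade-off without following the links. The hunk also deletes the "The use of 32 bit vDSO mappings is currently enabled." note at the same time as it uncomments the setting, so the file no longer records that the default has flipped; replacing that line with something like "## Enabled by default; comment out to restore 32-bit vDSO mappings." keeps the file's previous habit of stating the active state next to the setting.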