查看MSDN ReadProcessMemory页面的社区注释，引用（sic）：

W7 wont run read process memory

You may need to check your access permissions for "SE_DEBUG_NAME" for the current processes token. If not enabled. Enabled it. This must be done as administrator of course.

还要完全声明返回类型并使用use_last_error参数，其中ctypes将在调用后直接在内部缓存GetLastError()值。否则，可能不正确。如果您在64位系统上，那么SIZE_T和指针是64位值，因此ctypes需要知道类型，以便为调用正确设置堆栈。

...
from ctypes import wintypes
...
rPM = ctypes.WinDLL('kernel32',use_last_error=True).ReadProcessMemory
rPM.argtypes = [wintypes.HANDLE,wintypes.LPCVOID,wintypes.LPVOID,ctypes.c_size_t,ctypes.POINTER(ctypes.c_size_t)]
rPM.restype = wintypes.BOOL
wPM = ctypes.WinDLL('kernel32',use_last_error=True).WriteProcessMemory
wPM.argtypes = [wintypes.HANDLE,wintypes.LPVOID,wintypes.LPCVOID,ctypes.c_size_t,ctypes.POINTER(ctypes.c_size_t)]
wPM.restype = wintypes.BOOL

ADDRESS1 = 0x00E97074
ADDRESS2 = ctypes.create_string_buffer(64)
bytes_read = ctypes.c_size_t()
print(rPM(PROCESS,ADDRESS1,ADDRESS2,64,ctypes.byref(bytes_read)))
print(ctypes.get_last_error())

另外，仅供参考，即使所有的修复都得到相同的错误值，但我没有经历启用SE_DEBUG_NAME的麻烦。

已解决

以下是问题所在：

PROCESS = win32api.OpenProcess(PROCESS_ALL_ACCESS,0,PID).handle

win32api.OpenProcess返回一个临时的PyHANDLE，该临时的PyHANDLE被销毁，并在检索到句柄后关闭句柄。

解决方法是使用：

PROCESS = win32api.OpenProcess(PROCESS_ALL_ACCESS,0,PID)
...
rPM(PROCESS.handle,ADDRESS1,ADDRESS2,64,0)

PROCESS然后保存PyHANDLE对象，句柄保持有效。