Microsoft said to have left users vulnerable for years due to outdated driver list: All details


Microsoft has failed to protect Windows PC users from malicious drivers since 2019, according to a report. Computers use drivers to communicate with external devices such as hard disks, cameras, printers, and smartphones. Each driver is required to be digitally signed to ensure that it is safe to use. However, if an existing digitally signed driver has a security hole, it can be easily exploited by hackers. This is believed to have exposed people to a type of cyberattack called Bring Your Own Vulnerable Driver (BYOVD), which allows hackers to gain direct access to Windows PCs by exploiting known vulnerabilities in driver software.

Microsoft uses hypervisor-protected code integrity (HVCI) as a security measure against such attacks. Quoting Senior Vulnerability Analyst Will Dormann, an ArsTechnica report says that this security tool did not adequately protect users from infection through compromised drivers.

Last month, Dormann posted a Twitter thread about how he could download a malicious driver on a Microsoft HVCI-enabled device, which should have been blocked. He claims that the block list has not been updated since 2019, implying that users have not been protected by Microsoft from these drivers for many years.

Earlier this month, Microsoft project manager Jeffery Sutherland responded to Dormann’s tweets and revealed additional safeguards the company recently implemented to mitigate the problem. “We have updated the online docs and added a download with instructions to apply the binary version directly,” Sutherland tweeted.

Microsoft told ArsTechnica that it adds malicious drivers to its block list, which receives regular updates. “The list of vulnerable drivers is updated regularly, however, we received feedback that there was a vulnerability in synchronization between operating system versions. We have fixed this and it will be serviced in upcoming and future Windows Updates. The documentation page will be updated as new updates are released,” the company said.

Meanwhile, many cases of BYOVD attacks have made headlines in recent times. Recently, cybercriminals exploited a flaw in the anti-cheat driver for the game Genshin Impact. Last year, North Korea’s Lazarus hacking group used a BYOVD attack on an aerospace worker in the Netherlands.

