The 1990s were turbulent years for Microsoft. The fame of its operating system made it the target of countless hackers looking for vulnerabilities to exploit. That time when the fearsome bars he roamed freely. Now cybersecurity has reached new heights and the tools have to be prepared for the worst. One of the attacks is through drivers, a vulnerability that could go unnoticed but will now defend Windows.
Goodbye to malicious drivers in Windows 10 and Windows 11
The Windows Security Center at Windows 10 and Windows 11 just got a little better. As announced David Weston, vice president of enterprise and operating system security at Microsoft. Windows built-in free antivirus now has a new option to protect against vulnerable driversthough we won’t see it on our Windows 11 systems just yet.
New Windows security option: Enable more aggressive blocklist which includes vulnerable drivers pic.twitter.com/n3b2GzAWHA
— David Weston (DWIZZZLE) (@dwizzzleMSFT) March 27, 2022
known as “Microsoft Vulnerable Driver Block List”this new Windows Security feature can help block drivers with security vulnerabilities so they don’t run on your device. It seems simple, but it has become a common problem. According to Microsoft, attackers are exploiting vulnerabilities in legitimate, signed kernel drivers to run malware in the Windows kernel. Here’s how the feature works to help prevent this.
Microsoft works closely with our IHVs and the security community. With the aim of guaranteeing the highest level of controller safety for our customers. And when driver vulnerabilities arise, they are quickly patched and distributed to the ecosystem. Microsoft then adds vulnerable versions of drivers to our ecosystem blocking policy.
This feature should appear on hypervisor-protected code integrity-enabled devices (HVCI) or on Windows 10 devices in S mode. It should be listed in the Device Security section of Windows Security, when it’s ready for our system. We’ve checked on our end, and it doesn’t appear to have been deployed yet. We’ll update this post when we have more information, but you can learn more about the technical aspects of this feature by going to Microsoft Docs.