Jump to content
  • Sign Up
×
×
  • Create New...
New feature: 1 Vote = 0.10€ for server Owner!

Microsoft Reportedly Left Users Vulnerable for Years Due to Out-of-Date Driver List: All Details

Pelican Press

By Pelican Press,
in World News

 Share

Recommended Posts

  • Diamond Member
Pelican Press Warlord

Pelican Press 0

Posted
  • Diamond Member
Posted

This is the hidden content, please

This is the hidden content, please
Reportedly Left Users Vulnerable for Years Due to Out-of-Date Driver List: All Details

This is the hidden content, please
******* to safeguard Windows PC users from malicious drivers since 2019, according to a report. Computers use drivers to communicate with external devices such as hard disks, cameras, printers, and smartphones. Each driver is required to be digitally signed to ensure that it is safe for use. If, however, an existing digitally signed driver has a security flaw, it could be easily exploited by hackers. This has reportedly caused people to be exposed to a type of cyberattack called Bring Your Own Vulnerable Driver (BYOVD) that grants hackers direct access to the PCs running on Windows, by exploiting known flaws in driver software.

This is the hidden content, please
uses hypervisor-protected code integrity (HVCI) as a security measure against such attacks. Citing senior vulnerability analyst Will Dormann, ArsTechnica
This is the hidden content, please
that this security tool did not properly protect users against being infected through compromised drivers.

Last month, Dormann posted a

This is the hidden content, please
thread on how he was able to download a malicious driver on a
This is the hidden content, please
HVCI-enabled device, which should have been blocked. He claims that the blocklist had not been updated since 2019, implying that users were not protected by
This is the hidden content, please
from these drivers for years.

Earlier this month,

This is the hidden content, please
project manager Jeffery Sutherland replied to Dormann’s tweets and revealed additional protectional measures the company had recently undertaken to mitigate the issue. “We have updated the online docs and added a download with instructions to apply the binary version directly,” Sutherland tweeted.

This is the hidden content, please
told ArsTechnica that it adds malicious drivers to a blocklist, that receives regular updates. “The vulnerable driver list is regularly updated, however we received feedback there has been a gap in synchronization across OS versions. We have corrected this and it will be serviced in upcoming and future Windows Updates. The documentation page will be updated as new updates are released,” the company said.

Meanwhile many cases of BYOVD attacks have made it to the headlines in recent times. Recently, cybercriminals

This is the hidden content, please
a vulnerability in the anti-cheat driver for the game Genshin Impact. Last year, North Korean hacking group Lazarus
This is the hidden content, please
a BYOVD ******* on an aerospace employee in the Netherlands.

Affiliate links may be automatically generated – see our ethics statement for details.




This is the hidden content, please

#

This is the hidden content, please
#Reportedly #Left #Users #Vulnerable #Years #Due #OutofDate #Driver #List #Details

This is the hidden content, please

This is the hidden content, please

0

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.

  I accept