Microsoft Left Users Vulnerable for Years Due to Outdated Drivers: Report

Microsoft failed to safeguard Windows PC users from malicious drivers since 2019, according to a report. Computers use drivers to communicate with external devices such as hard disks, cameras, printers, and smartphones. Each driver is required to be digitally signed to ensure that it is safe for use. If, however, an existing digitally signed driver has a security flaw, it could be easily exploited by hackers. This has reportedly caused people to be exposed to a type of cyberattack called Bring Your Own Vulnerable Driver (BYOVD) that grants hackers direct access to the PCs running on Windows, by exploiting known flaws in driver software.

Microsoft uses hypervisor-protected code integrity (HVCI) as a security measure against such attacks. Citing senior vulnerability analyst Will Dormann, ArsTechnica reports that this security tool did not properly protect users against being infected through compromised drivers.

Last month, Dormann posted a Twitter thread on how he was able to download a malicious driver on a Microsoft HVCI-enabled device, which should have been blocked. He claims that the blocklist had not been updated since 2019, implying that users were not protected by Microsoft from these drivers for years.

Earlier this month, Microsoft project manager Jeffery Sutherland replied to Dormann’s tweets and revealed additional protectional measures the company had recently undertaken to mitigate the issue. “We have updated the online docs and added a download with instructions to apply the binary version directly,” Sutherland tweeted.

Microsoft told ArsTechnica that it adds malicious drivers to a blocklist, that receives regular updates. “The vulnerable driver list is regularly updated, however we received feedback there has been a gap in synchronization across OS versions. We have corrected this and it will be serviced in upcoming and future Windows Updates. The documentation page will be updated as new updates are released,” the company said.

Meanwhile many cases of BYOVD attacks have made it to the headlines in recent times. Recently, cybercriminals exploited a vulnerability in the anti-cheat driver for the game Genshin Impact. Last year, North Korean hacking group Lazarus used a BYOVD attack on an aerospace employee in the Netherlands.


Affiliate links may be automatically generated – see our ethics statement for details.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.