Millions of users weren’t shielded from malicious drivers by Windows’ safety system, according to a report.

Microsoft appears to have overlooked an important security factor for Windows-based devices.
According to reports, insecure drivers may be loaded on devices using Windows Update.
Collectively, researchers have noted that the existing processes do not function as planned.

According to reports, Microsoft failed to keep Windows safe from rogue drivers. The company has claimed that its Windows Update mechanism prevents vulnerable drivers from being installed, but a publication has shown that this is untrue by demonstrating that the list of impacted drivers was not updated in a timely manner. As a result, millions of consumers were left unprotected against a newer malware attack tactic known as BYOVD, which stands for “bring your own vulnerable driver.” Let’s examine what transpired in more depth.


Drivers are software programs that let a computer interact with peripheral devices, including printers, cameras, and graphics cards. They serve as a conduit between the operating system’s core and the hardware. To do this, drivers frequently need access to the kernel, the most sensitive component of an operating system.

To prevent unauthorized access, Microsoft forbids drivers from untrusted sources from accessing the kernel. To circumvent Microsoft’s security measures, hackers and other bad actors are increasingly exploiting legitimate drivers that contain memory corruption vulnerabilities. These drivers have given attackers access to the kernel and control of users’ devices. This method of employing legitimate but vulnerable drivers is known as BYOVD. The method has been in use since 2012.


Microsoft has been working on countermeasures to thwart these attacks, primarily by developing methods to prevent Windows from loading signed-but-vulnerable drivers, according to a report by Ars Technica. However, the article adds that Microsoft’s strategy did not work as intended. Windows Update has not updated the list of compromised or impacted drivers, giving malicious actors an opportunity to abuse them.

Researchers Peter Kalnai of ESET and Dan Goodin of Ars Technica discovered that a Windows 10 Enterprise system could load a vulnerable Dell driver despite the feature that is meant to prevent impacted drivers from loading on a PC running Microsoft Windows.

A Microsoft representative responded on Twitter that the company has updated its online documentation and supplied a download with instructions for manually deploying the blocklist updates. This is not the ideal answer, though. To defend all users against the danger, Microsoft should distribute the blocklist updates via the Windows Update system.
