Millions of users weren’t shielded from malicious drivers by Windows’ safety system, according to a report.

Microsoft appears to have overlooked an important security factor for Windows-based devices.
According to reports, insecure drivers may be loaded on devices using Windows Update.
Collectively, researchers have noted that the existing processes do not function as planned.

According to reports, Microsoft was unable to keep Windows safe from rogue drivers. The company has claimed that its Windows Update mechanism prevents vulnerable drivers from being installed, but a publication has shown that this is untrue by demonstrating that the list of impacted drivers was not updated in a timely manner. As a result, millions of consumers were left unprotected against a newer malware attack tactic known as BYOVD, which stands for “bring your own vulnerable driver.” Let’s examine what transpired in more depth.

HACKERS ARE EXPLOITING MALFUNCTIONING COMPUTER DRIVERS TO GET ACCESS TO SYSTEMS

Drivers are software programs that let a computer interact with peripheral devices, including printers, cameras, and graphics cards. To complete a particular task, they serve as a conduit between the operating system’s core and the hardware. In doing so, drivers frequently need access to the kernel, the most sensitive component of an operating system.

Microsoft forbids drivers from untrusted sources from accessing the kernel in order to prevent unauthorized access. To circumvent Microsoft’s security measures, hackers and other bad actors are increasingly exploiting “legitimate drivers” that include memory corruption vulnerabilities. These drivers have given hackers access to the kernel and control of users’ devices. This method of employing legitimate but vulnerable drivers is known as BYOVD. The method has been in use since 2012.

MICROSOFT SHOULD HAVE UPDATED THE LIST OF BLOCKED DRIVERS THREE YEARS AGO

According to a report by Ars Technica, Microsoft has been working on countermeasures to thwart these attacks, primarily by developing methods to prevent Windows from loading signed-but-vulnerable drivers. However, the article adds that Microsoft’s strategy did not work as intended. The list of compromised or impacted drivers has not been updated through Windows Update, giving malicious actors an opportunity to abuse them.

Researchers Peter Kalnai of ESET and Dan Goodin of Ars Technica discovered that a Windows 10 Enterprise system could load a vulnerable Dell driver despite the feature that is meant to prevent impacted drivers from loading on a PC running Microsoft Windows.

A Microsoft representative responded by posting on Twitter that the organization has updated the web documentation and supplied a download with instructions for manually deploying the blocklist changes. It’s crucial to remember that this is not the ideal answer, though. To defend all users against the danger, Microsoft should distribute the blocklist updates via the Windows Update system.
