Windows: Microsoft admits years of malware vulnerability through drivers

Microsoft has finally officially admitted that Windows was exposed to possible malware attacks through a vulnerability in the operating system's drivers, an exposure that lasted for almost 3 years.

The problem stems from flaws that emerged in the automatic driver protection system: Windows Update is supposed to automatically add new drivers to a blocklist meant to counter the spread of malware, but in some cases verified and signed drivers may still have security flaws.
Since drivers can access every part of the operating system, including the kernel, they can be perfect vehicles for malware.

Recently there has been a proliferation of such cases, in particular ones exploiting the BYOVD (bring your own vulnerable driver) technique, which allows an attacker to circumvent the protections of the Windows kernel.

In essence, by installing what appears to be a simple official driver, you can expose your PC to interference from external parties, some of it serious. In some cases, attacks of this kind have occurred through the overclocking drivers distributed by MSI with AfterBurner, which led to the proliferation of the BlackByte ransomware, or through the anti-cheat drivers of Genshin Impact.

All this is linked to the shortcomings of the Windows HVCI system, which according to research conducted by Ars Technica and analyst Will Dormann may have exposed PCs to malware and the like for almost 3 years now. Microsoft has essentially admitted that the HVCI system left these weaknesses exposed and is fixing the problem, with new updates covering the vulnerable drivers that will still take some time to complete.
