• Download the Constitution of Pakistan
  • Advertise
WRITE FOR US
Economy.pk
No Result
View All Result
  • Economy
  • Politics
  • Technology
  • Education
  • Life & Style
  • Health
  • World
  • Videos
  • Economy
  • Politics
  • Technology
  • Education
  • Life & Style
  • Health
  • World
  • Videos
No Result
View All Result
Economy.pk
No Result
View All Result
Home Cyber Security

Microsoft’s out-of-date driver list left Windows PCs open to malware attacks for years

by Suneela Zulfiqar
October 17, 2022
in Cyber Security, Technology
Reading Time: 2 mins read
Microsoft’s out-of-date driver list left Windows PCs open to malware attacks for years
Share on FacebookShare on Twitter

According to a report by Ars Technica, Microsoft failed to adequately defend Windows PCs against rogue drivers for almost three years. Microsoft claims that its Windows updates add newly discovered harmful drivers to a blocklist that devices download, but Ars Technica discovered that these upgrades never ever took effect.

Users were exposed to a specific kind of attack known as BYOVD, or bring your own vulnerable driver, because of this coverage gap. The operating system of your computer communicates with hardware such as a printer, graphics card, and webcam through files called drivers. Microsoft mandates that all drivers be digitally signed, demonstrating their safety for use, as drivers have access to the kernel, the heart of a device’s operating system.

We’ve already seen several of these attacks carried out in the wild. In August, hackers installed BlackByte ransomware on a vulnerable driver used for the overclocking utility MSI AfterBurner. Another recent incident involved cybercriminals exploiting a vulnerability in the anti-cheat driver for the game Genshin Impact. North Korean hacking group Lazarus waged a BYOVD attack on an aerospace employee in the Netherlands and a political journalist in Belgium in 2021, but security firm ESET only brought it to light late last month.

As noted by Ars Technica, Microsoft uses something called hypervisor-protected code integrity (HVCI) that’s supposed to protect against malicious drivers, which the company says comes enabled by default on certain Windows devices. However, both Ars Technica and Will Dormann, a senior vulnerability analyst at cybersecurity company Analygence, found that this feature doesn’t provide adequate protection against malicious drivers.

In a thread posted to Twitter in September, Dormann explains that he was able to successfully download a malicious driver on an HVCI-enabled device, even though the driver was on Microsoft’s blocklist. He later discovered that Microsoft’s blocklist hasn’t been updated since 2019 and that Microsoft’s attack surface reduction (ASR) capabilities didn’t protect against malicious drivers, either. This means any devices with HVCI enabled haven’t been protected against bad drivers for around three years.

Microsoft didn’t address Dormann’s findings until earlier this month. “We have updated the online docs and added a download with instructions to apply the binary version directly,” Microsoft project manager Jeffery Sutherland said in a reply to Dormann’s tweets. “We’re also fixing the issues with our servicing process which has prevented devices from receiving updates to the policy.” Microsoft has since provided instructions on how to manually update the blocklist with the vulnerable drivers that have been missing for years, but it’s still not clear when Microsoft will start automatically adding new drivers to the list through Windows updates.

“The vulnerable driver list is regularly updated, however, we received feedback there has been a gap in synchronization across OS versions,” A Microsoft spokesperson said in a statement to Ars Technica. “We have corrected this and it will be serviced in upcoming and future Windows Updates. The documentation page will be updated as new updates are released.” Microsoft didn’t immediately respond to The Verge’s request for comment.

Tags: latestmalware attacksMicrosoftWindows PCs
Suneela Zulfiqar

Suneela Zulfiqar

Related Posts

Pakistan announces to digitize hajj operations

Pakistan announces to digitize hajj operations

In collaboration with the religious ministry, the Ministry of Information Technology and Telecommunications has revealed plans to entirely digitize next...

PayPal, Stripe coming to Pakistan? Here’s latest update

PayPal, Stripe coming to Pakistan? Here’s latest update

Dr. Umar Saif, the caretaker Federal Minister for Information Technology and Telecommunications, stated that conversations were underway with PayPal and...

Happy birthday, dear Google: Tech giant celebrates silver jubilee with special 'G25gle' doodle

Happy birthday, dear Google: Tech giant celebrates silver jubilee with special ‘G25gle’ doodle

Google is celebrating its 25th anniversary with a special doodle. Although Google Inc. was formally incorporated on September 4, the...

Here's How to Earn $2,500 by Simply Watching Netflix Shows

Here’s How to Earn $2,500 by Simply Watching Netflix Shows

Consider getting paid to watch the most popular Netflix series. One lucky Netflix user will receive $2,500 (726,228 PKR) for...

iPhone X price, PTA tax 2023 in Pakistan

iPhone X price, PTA tax 2023 in Pakistan

It has been six years since Apple introduced the iPhone X in September 2017 at the Steve Jobs Theatre at...

IT Ministry Started Preparations For the Launch of 5G Services

IT Ministry Started Preparations For the Launch of 5G Services

Pakistan's Ministry of Information Technology (IT) has begun planning for the auction of 5G technology. According to sources, the IT...

Next Post
The OnePlus N300 is coming next month with 33W fast charging

The OnePlus N300 is coming next month with 33W fast charging

Recent Posts

  • Pakistan qualify for final of SAFF U19 Championship
  • Pakistan announces to digitize hajj operations
  • Lahore Museum offers free entry to all visitors
  • 2 men arrested in connection with Avastin eye injection scam, says Punjab health minister
  • PayPal, Stripe coming to Pakistan? Here’s latest update

Advertisement

Twitter

Economy.pk

Economy.pk is a source of economic, political, business, finance, health and sports updates.

Categories

  • Economy
  • Politics
  • Technology
  • Education
  • Life & Style
  • Health
  • World
  • Videos

Privacy & Legal

  • Privacy Policy
  • Cookies

Social Media

  • Facebook
  • Instagram
  • Twitter
  • Linkedin
  • About
  • Advertise
  • Contact

© 2023 Economy.pk

No Result
View All Result
  • VIDEOS
  • World
    • Europe
    • Americas
    • Asia
    • Oceania
    • Africa
    • Middle East
  • Finance
  • Politics
  • Business
    • Economy
    • Finance
    • Entrepreneurship
    • Real Estate
  • Technology
    • Cyber Security
    • Mobiles
    • Social Media
  • Education
  • Sports
  • Life & Style
    • Personalities
    • Art
    • Culture
    • History
    • Entertainment
    • Fashion
    • Food
    • Health
      • Environment
      • Fitness
  • Sponsored

© 2023 Economy.pk