Any of the hardware that you have on your laptop or personal computer needs software in the form of a driver to function properly. These drivers are crucial because of the fact that this is the sort of thing that could potentially end up allowing the hardware to interface with the operating system thereby letting you use it as and when required. However, there is a major problem with several drivers out there in that they have a lot of vulnerabilities that can expose you to malware and other cyber attacks.
With all of that having been said and now out of the way, it is important to note that Microsoft has just taken a few steps that can help curb some of the damage that vulnerable drivers can cause. They have done this by updating the Windows Defender Application Control program and making it so that it can block vulnerable drivers. These vulnerable drivers will be on a block list that will tell WDAC to prevent them from functioning.
HVCI, or hypervisor protected code integrity, will need to be enabled if you want to block vulnerable drivers from leaving your system open to cyber attacks and the like. Windows systems will now be fully secured from third party drivers as well, with the main focus here being tackling drivers that have known vulnerabilities that need to be defended against. These drivers won’t be able to utilize their SHA256 hash after they are added to the block which would essentially leave them neutralized with all things having been considered and taken into account.
Some legitimate programs such as Cheat Engine and Process Hacker might not work if you enable this feature, but that is a tradeoff that most users would be willing to make. Protecting users from drivers with vulnerabilities is crucial if Microsoft wants to keep them safe from the various potential cyber attacks that could do them a huge amount of harm. It’s great that this update will take this protection a few steps further, and people using Windows 10 and above will be able to start using it immediately.
H/T: David Weston
Read next: Researchers show how quickly your system can be hacked and encrypted by the leading malwares
With all of that having been said and now out of the way, it is important to note that Microsoft has just taken a few steps that can help curb some of the damage that vulnerable drivers can cause. They have done this by updating the Windows Defender Application Control program and making it so that it can block vulnerable drivers. These vulnerable drivers will be on a block list that will tell WDAC to prevent them from functioning.
HVCI, or hypervisor protected code integrity, will need to be enabled if you want to block vulnerable drivers from leaving your system open to cyber attacks and the like. Windows systems will now be fully secured from third party drivers as well, with the main focus here being tackling drivers that have known vulnerabilities that need to be defended against. These drivers won’t be able to utilize their SHA256 hash after they are added to the block which would essentially leave them neutralized with all things having been considered and taken into account.
Some legitimate programs such as Cheat Engine and Process Hacker might not work if you enable this feature, but that is a tradeoff that most users would be willing to make. Protecting users from drivers with vulnerabilities is crucial if Microsoft wants to keep them safe from the various potential cyber attacks that could do them a huge amount of harm. It’s great that this update will take this protection a few steps further, and people using Windows 10 and above will be able to start using it immediately.
H/T: David Weston
Read next: Researchers show how quickly your system can be hacked and encrypted by the leading malwares