Microsoft Introduces Protection Against Malicious Drivers
Microsoft plans to introduce new functionality in its operating systems, Windows 10 and Windows 11, as well as for Windows Server 2016. Microsoft Defender is, although the most basic and among the most popular programs to protect computers from malware and viruses, so it is not surprising that the company is working to improve its functionality.
The new capability that Windows Defender will get is called Vulnerable Driver Blocklist, and the main purpose will be to protect the system from potentially malicious drivers, as well as those drivers that may have a flaw that would allow exploitation and security errors and access to the system.
Microsoft's vice president of operating system security, David Weston, announced the arrival of this feature in his tweet, "Enable a more aggressive approach to block malicious content that includes dangerous drivers."
This functionality will be automatically enabled on Windows 10 operating systems that are in S mode, as well as on other mobile devices that have a functionality called Memory Integrity Core Isolation.
This capability within Windows Defender will rely on a list of blocked drivers maintained by Microsoft itself along with its major partners. According to ZDNet, the reason for blocking these drivers will most often be a security flaw present in their code that can be used for unauthorized access to the system.
Such vulnerabilities cause these drivers to potentially behave like malware and may exhibit behavior that would bypass the Windows Security Model and allow access to kernel privileges. So, potentially serious problems for exposed users, writes ZDNet.
Currently, there is no specific information on which versions of Windows 10 and Windows 11 this upgrade of Windows Defender will be available for, so it is not known which users will be able to take advantage of this new feature.
In light of recent problems with Google and the popular Chrome
browser, it's good to see that a large company like Microsoft is actively
working to improve its security measures. It remains to be seen to what extent
all this will be effective, and how much the users will like it.