Enable or Disable Microsoft Vulnerable Driver Blocklist in Windows 11



This tutorial will show you how to turn on or off the Microsoft Vulnerable Driver Blocklist for all users in Windows 10 and Windows 11.

Starting with Windows 10 (KB5018482) and Windows 11 (KB5018483 and KB5018496), the Microsoft Vulnerable Driver Blocklist is enabled by default.

The vulnerable driver blocklist is also enforced when either memory integrity (also known as hypervisor-protected code integrity or HVCI), Smart App Control, or S mode is active. Users can opt in to HVCI using the Windows Security app, and HVCI is on by default for most new Windows 11 devices.

The vulnerable driver blocklist is designed to help harden systems against third party-developed drivers across the Windows ecosystem with any of the following attributes:
  • Known security vulnerabilities that can be exploited by attackers to elevate privileges in the Windows kernel
  • Malicious behaviors (malware) or certificates used to sign malware
  • Behaviors that aren't malicious but circumvent the Windows Security Model and can be exploited by attackers to elevate privileges in the Windows kernel


You must be signed in as an administrator to turn on or off the Microsoft Vulnerable Driver Blocklist.


The option to turn Microsoft's vulnerable driver blocklist on or off using the Windows Security app is grayed out when HVCI (Memory Integrity), Smart App Control, or S mode is enabled.

You must disable HVCI (Memory Integrity) or Smart App Control, or switch the device out of S mode, and restart the computer before you can turn off the Microsoft vulnerable driver blocklist.



Contents

  • Option One: Turn On or Off Microsoft Vulnerable Driver Blocklist in Windows Security
  • Option Two: Turn On or Off Microsoft Vulnerable Driver Blocklist using REG file




Option One

Turn On or Off Microsoft Vulnerable Driver Blocklist in Windows Security


1 Open Windows Security.

2 Click/tap on Device security on the left side, and click/tap on the Core isolation details link on the right side.

3 Turn Microsoft Vulnerable Driver Blocklist on (default) or off, as desired.

4 If prompted by UAC, click/tap on Yes to approve.

5 You can now close Windows Security if you like.




Option Two

Turn On or Off Microsoft Vulnerable Driver Blocklist using REG file


1 Do step 2 (on) or step 3 (off) below for what you want.

2 Turn On Microsoft Vulnerable Driver Blocklist

This is the default setting.


A) Click/tap on the Download button below to download the REG file, and go to step 4 below.

Turn_ON_Microsoft_Vulnerable_Driver_Blocklist.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config]
"VulnerableDriverBlocklistEnable"=dword:00000001

3 Turn Off Microsoft Vulnerable Driver Blocklist

A) Click/tap on the Download button below to download the REG file, and go to step 4 below.

Turn_OFF_Microsoft_Vulnerable_Driver_Blocklist.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config]
"VulnerableDriverBlocklistEnable"=dword:00000000

4 Save the .reg file to your desktop.

5 Double click/tap on the downloaded .reg file to merge it.

6 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

7 You can now delete the downloaded .reg file if you like.


That's it,
Shawn Brink
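
A read-only check to run after either option, added here as an example and not part of the original tutorial: it reads the registry value the REG files set and reports whether memory integrity (HVCI) is running, in which case the blocklist is enforced whatever the value says. The function name is hypothetical, and the Win32_DeviceGuard class and its service code 2 for HVCI come from Microsoft's Device Guard documentation rather than from this page; Smart App Control and S mode are not checked.

```powershell
# Added example (not from the tutorial): audit only, changes nothing.
# Run in an elevated PowerShell session.
function Get-VulnerableDriverBlocklistStatus {
    [CmdletBinding()]
    param()

    $ciConfig  = 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config'
    $valueName = 'VulnerableDriverBlocklistEnable'

    # Value written by the REG files above: 1 = on, 0 = off.
    $regValue = $null
    $prop = Get-ItemProperty -Path $ciConfig -Name $valueName -ErrorAction SilentlyContinue
    if ($null -ne $prop) { $regValue = [int]$prop.$valueName }

    if     ($null -eq $regValue) { $setting = 'NotSet (OS default applies)' }
    elseif ($regValue -eq 1)     { $setting = 'On' }
    elseif ($regValue -eq 0)     { $setting = 'Off' }
    else                         { $setting = "Unexpected value ($regValue)" }

    # Memory integrity (HVCI): SecurityServicesRunning contains 2 when it is running.
    $hvci = 'Unknown'
    try {
        $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                              -ClassName 'Win32_DeviceGuard' -ErrorAction Stop
        if ($dg.SecurityServicesRunning -contains 2) { $hvci = 'Running' } else { $hvci = 'NotRunning' }
    } catch {
        Write-Warning "Could not query Win32_DeviceGuard: $($_.Exception.Message)"
    }

    # Per the tutorial, the blocklist is enforced while HVCI is active and the
    # Windows Security toggle is grayed out, so the registry value alone is
    # not the whole picture.
    if ($hvci -eq 'Running') {
        $note = 'Memory integrity is running: blocklist enforced, toggle grayed out.'
    } elseif ($regValue -eq 0) {
        $note = 'Blocklist turned off by registry value; known-vulnerable drivers are not blocked by it.'
    } else {
        $note = 'Registry value governs, unless Smart App Control or S mode is active (not checked here).'
    }

    [pscustomobject]@{
        RegistryPath    = $ciConfig
        RegistryValue   = $regValue
        Setting         = $setting
        MemoryIntegrity = $hvci
        Note            = $note
    }
}

Get-VulnerableDriverBlocklistStatus | Format-List
```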
 

As I look into my crystal ball... I foresee a time when there will be shady characters on the street corner saying: "Pssst, hey man, you want to buy a way to Disable Microsoft Vulnerable Driver Blocklist?"


@Brink

There should be an auto-award system for tutorials, based on number of downloads.
Cause this one will surely hit platinum. :-)


Seems to be a well-balanced article...
 
Hi,
Guessing I'll be fourth +- a grand :lmao:
 

22H2 22621.1485 with MBAM free

I cannot enable MS vulnerable driver blocklist. I read it is enabled by default. I have enabled virtualization in UEFI.
I am not too techy so if it should be enabled is there a relatively easy way to do this?
I read smart app control cannot be enabled so which is better to enable? I think smart app is enabled but don't know where it is.
 

Any way to create an exception or whitelist for leaving the vulnerable driver blocklist on?
 

It's getting crazier all the time; currently with (Win 11) 24H2 Build 26100.3194. That option is always greyed out no matter what the setting inside the registry is. I am using a Logitech G19 keyboard which has a display built in. I have got a newer version of the driver software from 2022 where the remark is
  • Updated drivers for Windows 10 and 11 code integrity(HVCI) compatibility
Despite that claim Microsoft doesn't trust that driver at all. Keyboard and hub are functioning. But the display is blank. (By default my display shows the CPU and memory usage of the system.) Tinkered with all kinds of settings but to no avail. Found one solution that worked: turning off the memory integrity altogether. I am not very happy with this but it was the only setting that turned off that damned driver blocklist inside Windows. Crazy, I know.... The only thing that's turned on is "Security local securityinstances". OK, my keyboard is dated but it's still doing fine. And who is Microsoft to block the drivers of that keyboard? Yeah... Buy a new keyboard. Sorry, that model does not have a modern equivalent. Keyboards now must be as cheap as possible so sorry; no display.

If only that option was to turn it off or on all the time, that would have solved it. Now I must turn off a bigger, important thing. Madness. 😒😒
 

Hello @hader, :alien:

The option to turn Microsoft's vulnerable driver blocklist on or off using the Windows Security app is grayed out when HVCI (Memory Integrity), Smart App Control, or S mode is enabled.

You must disable HVCI (Memory Integrity) or Smart App Control, or switch the device out of S mode, and restart the computer before you can turn off the Microsoft vulnerable driver blocklist.

Thanks for the additional info.

In my case, Smart App Control was already off. (Can't turn this on without reinstalling Windows again.) Nothing in S mode.

So in order to turn off the Microsoft vulnerable driver blocklist I had to turn the Memory Integrity also off.
As long as this was on the switch "Microsoft vulnerable driver blocklist" was greyed out and turned on.
 

Correct. Too bad it can't just be a simple on/off.
 
