New "Microsoft Vulnerable Driver Blocklist" feature in Windows Security


  • Staff
New Windows security option: Enable more aggressive blocklist which includes vulnerable drivers

The vulnerable driver blocklist is designed to help harden systems against third party-developed drivers across the Windows ecosystem with any of the following attributes:
  • Known security vulnerabilities that can be exploited by attackers to elevate privileges in the Windows kernel
  • Malicious behaviors (malware) or certificates used to sign malware
  • Behaviors that are not malicious but circumvent the Windows Security Model and can be exploited by attackers to elevate privileges in the Windows kernel
FO5DiJSUcAEvjDZ.png
Click to expand...

Read more:
docs.microsoft.com

Microsoft recommended driver block rules - Windows Security

View a list of recommended block rules to block vulnerable third-party drivers discovered by Microsoft and the security research community.
docs.microsoft.com

https://twitter.com/x/status/1508217367259611142
 

Attachments

  • Windows_Security.png
    Windows_Security.png
    6 KB · Views: 0
Click to expand...
You must log in or register to reply here.

Similar threads

  • Article
Windows and Linux devices vulnerable to new LogoFAIL firmware attack
Replies
17
Views
3K
Fabler2
Fabler2
  • Article
New, modern, and secure Windows Protected Print Mode (WPP)
Replies
0
Views
486
Brink
Brink
  • Article
Microsoft addresses App Installer abuse
2
Replies
23
Views
2K
neves
neves
  • Article
Guidance on Microsoft Signed Drivers Being Used Maliciously
Replies
0
Views
452
Brink
Brink
  • Article
New security capabilities in Event Tracing for Windows
Replies
0
Views
314
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom