Security News > 2022 > March > New Windows security feature blocks vulnerable drivers
Microsoft now allows Windows users to block drivers with known vulnerabilities with the help of Windows Defender Application Control and a vulnerable driver blocklist.
It works on devices running Windows 10, Windows 11, and Windows Server 2016 and above with hypervisor-protected code integrity enabled and on Windows 10 systems in S mode.
WDAC, the software-based security layer that blocks the vulnerable drivers, protects Windows systems against potentially malicious software by ensuring that only trusted drivers and apps can run, blocking malware and unwanted software from launching.
The vulnerable driver blocklist used by this new Windows security option is kept up to date with the help of independent hardware vendors and Original Equipment Manufacturers.
The "Microsoft Vulnerable Driver Blocklist" option can be toggled on from Windows Security > Device security > Core isolation.
Microsoft also plans to launch a new deployment service for drivers and firmware to give Windows admins complete control over driver updates by allowing them to select the right drivers for devices on their enterprise networks.
News URL
Related news
- WinRAR flaw bypasses Windows Mark of the Web security alerts (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Don't delete that mystery empty folder. Windows put it there as a security fix (source)
- Windows "inetpub" security fix can be abused to block future updates (source)
- M365 apps on Windows 10 to get security fixes into 2028 (source)