Security News > 2022 > October > Microsoft fixes Windows vulnerable driver blocklist sync issue
Microsoft says it addressed an issue preventing its vulnerable driver blocklist from being synced to systems running older Windows versions.
This blocklist is designed to block threat actors from dropping legitimate but vulnerable drivers on targets' systems in Bring Your Own Vulnerable Driver attacks on HVCI-enabled Windows machines or those running Windows in S Mode.
Although Microsoft has been advertising its driver blocklist as capable of hardening Windows systems against vulnerable third-party drivers, ANALYGENCE security analyst Will Dormann found that wasn't the case.
As Dormann discovered, unlike Windows 11 devices, even up-to-date Windows 10 and Windows Server systems were being provided with an outdated list of vulnerable drivers from December 2019, exposing customers who thought they were protected to BYOVD attacks.
More than a month after Dormann revealed that the list of vulnerable drivers wasn't kept up to date on Windows 10 and some Windows Server systems, Microsoft has now finally addressed this issue.
Redmond has addressed the driver blocklist sync issue with the October 2022 preview release, which will also ensure that the blocklist on older OS versions will be the same as the up-to-date one on Windows 11 21H2 and later.
News URL
Related news
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft: Windows 11 22H2 Home and Pro reached end of servicing (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- Microsoft blocks Windows 11 24H2 on two ASUS models due to crashes (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Microsoft wants $30 if you want to delay Windows 11 switch (source)