Security News > 2022 > October > Microsoft realizes it hasn't updated list of banned dodgy Windows 10 drivers in years

Microsoft appears to have woken up and realized it may have left certain Windows Server and Windows 10 systems exposed to exploitable drivers for years.

This month it emerged the list of vulnerable drivers HVCI was supposed to be blocking was wildly out of date on machines running certain pre-Windows 11 operating systems, such as some Windows 10 and Windows Server builds.

Though there are other ways to block bad drivers, and with a more recent ban list, such as via WDAC, those who assumed HVCI was automatically protecting their Windows 10 PCs may not have realized its driver deny-list has not been updated since 2019.

In a note on Tuesday, Microsoft wrote that from the Windows 11 2022 update, the vulnerable driver blocking is enabled by default, rather than being opt in, for all capable devices.

In other words, the latest Windows releases get an updated banned driver list, and soon older Windows 10 and Server editions will finally get an updated verboten driver list that should work as expected, if blocking is enabled.

Redmond quietly admitted its block list has been out of date in the release notes for an October preview release for Windows 10, Windows 11, and Windows Server.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/26/microsoft_windows_driver_hvci_blocked_list/