• Home
  • About
  • Contact us
Tech News, Magazine & Review WordPress Theme 2017
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
No Result
View All Result
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
Technovanguard — Be at the forefront of technology news
No Result
View All Result

Windows Defender: Vulnerable Driver Blocklist protects against malicious or exploitable drivers

Justin Rowell by Justin Rowell
29.09.2022
Home Software

Vulnerable Driver Blocklist is a new security feature of Windows Defender on Windows 10, Windows 11 and Windows Server 2016 or newer devices that protects against malicious or exploitable drivers.

windows defender vulnerable driver blocklist

Announced by Microsoft’s Vice President of Enterprise and OS Security, David Weston, on Twitter, the Microsoft Vulnerable Driver Blocklist is a new security feature that is enabled by default on Windows 10 in S mode devices and on devices that have the Core Isolation feature Memory Integrity, which Microsoft may also refer to as Hypervisor-protected code integrity (HVCI), enabled.

Memory integrity, or HVCI, makes use of Microsoft’s Hyper-V technology to protect Windows kernel-mode processes against malicious code injections. The feature was not enabled on existing devices when it first shipped, but it appears to be enabled by default on devices with new installations of Windows.

Some users reported issues with certain devices with HVCI enabled, and that disabling it resolved the issues that they experienced.

The core idea behind the new protective feature is to maintain a list of drivers that will be blocked by Windows Defender because the drivers have at least one of the following attributes:

  • Known security vulnerabilities that can be exploited by attackers to elevate privileges in the Windows kernel
  • Malicious behaviors (malware) or certificates used to sign malware
  • Behaviors that are not malicious but circumvent the Windows Security Model and can be exploited by attackers to elevate privileges in the Windows kernel

Microsoft cooperates with hardware vendors and OEMs to maintain the blocklist. Suspected drivers may be submitted to Microsoft for analysis and manufacturers may request that changes are made to drivers that are on the vulnerable blocklist, e.g., after patching an issue.

Devices that run Windows 10 in S mode and devices with HVCI enabled protect against these security threats once the feature is rolled out to devices.

memory integrity

Windows users and administrators may enable the Memory Integrity prerequisite in the following way on non-Windows 10 S-mode devices:

  1. Select Start and then Settings, or use the keyboard shortcut Windows-I to open the Settings application.
  2. On Windows 10, go to  Update & Security > Windows Security. Select Open Windows Security.
  3. On Windows 11, go to Privacy & Security > Windows Security > Select Open Windows Security.
  4. Select Device Security from the sidebar on the left side.
  5. Activate the “core isolation details” link.
  6. Toggle the Memory Integrity setting to On to enable the feature.
  7. Restart the device.

Windows administrators will see the new Microsoft Vulnerable Driver Blocklist on the Core isolation page of Windows Security once the feature becomes available. The feature can be toggled on or off, and also managed through other means. David Weston notes that turning it on will enable a more aggressive blocklist.

Microsoft states that it recommends enabling HVCI or using S mode, but that administrators may also block the drivers on the list using an existing Windows Defender Application Control policy. The documentation lists an XML file that contains the blocked drivers ready for use.

Now You: is memory integrity enabled on your devices, if you use Windows Defender?

Thank you for being a Ghacks reader. The post Windows Defender: Vulnerable Driver Blocklist protects against malicious or exploitable drivers appeared first on gHacks Technology News.


Next Post
1-minute video: What’s so special about groundwater?

1-minute video: What’s so special about groundwater?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

Windows 11 Insider Preview Build 22581 lets users switch from the Dev to Beta Channel for a limited time

Windows 11 Insider Preview Build 22581 lets users switch from the Dev to Beta Channel for a limited time

29.09.2022
3-Foot-Long Sword Discovered Off Israel’s Coast Dates Back to the Crusades

3-Foot-Long Sword Discovered Off Israel’s Coast Dates Back to the Crusades

29.09.2022

Trending.

Travel Business and Content Marketing: A Match Made in Heaven

Travel Business and Content Marketing: A Match Made in Heaven

07.02.2023
Netflix’s vampire movie Day Shift adds real bite to a classic action throwback

Netflix’s vampire movie Day Shift adds real bite to a classic action throwback

06.01.2023
Staying Ahead of the Game: The Top 10 Most Popular Websites for IT and Modern Technology

Staying Ahead of the Game: The Top 10 Most Popular Websites for IT and Modern Technology

30.01.2023
The Role of Technology in Transforming Healthcare Advertising

The Role of Technology in Transforming Healthcare Advertising

03.01.2023
Will Russia start a war with Ukraine?

Will Russia start a war with Ukraine?

29.09.2022
Technovanguard — Be at the forefront of technology news

Technovanguard - The latest news from the world of IT and modern technologies.

Categories

  • Computing
  • Entertainment
  • Gaming
  • Internet
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
  • Без рубрики

Tags

best bitcoin casino best bitcoin gambling site best crypto casino bitcoin gambling site btc casino FEATUREDNEWS linkedin connection message linkedin connection request template linkedin connect message examples linkedin networking message template linkedin sales message top bitcoin casinos

Recent News

Talents on AI: Kyiv to Host Three-Day Hackathon Connecting Developers and Sponsors in May 2023

Talents on AI: Kyiv to Host Three-Day Hackathon Connecting Developers and Sponsors in May 2023

07.03.2023
Ukrainian NFT Collection Honors Heroes and Raises Funds for Naval Combat Drones

Ukrainian NFT Collection Honors Heroes and Raises Funds for Naval Combat Drones

17.02.2023
  • Home
  • About
  • Contact us

© 2021 technovanguard.com. Submit news release

No Result
View All Result
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space

© 2021 technovanguard.com. Submit news release