Partager:

JAKARTA - Microsoft is not a cybersecurity company, but at least, it should try to protect the computer running its operating system, Windows. And it keeps failing.

A report from Ars Technica said Microsoft was completely unable to protect Windows computers from malicious drivers for nearly three years.

Although the company says it has updated the operating system by adding new malicious drivers to the list of blockers downloaded by the device. However, this update always fails.

As a result, users are vulnerable to certain types of attacks called BYOVAD or bring their own vulnerable drivers.

Known to quote The Verge, Monday, October 17, the driver is a file used by the computer operating system to communicate with external hardware and devices, such as printers, graphics cards, or webcams.

Since drivers can access device operating system cores, Microsoft requires all drivers to be digitally signed, to prove they are safe to use.

But if the driver has a security hole, hackers can exploit this and gain direct access to Windows.

Microsoft uses something called hypervisor-protected code integrity (HVCI) which is enabled by default on certain Windows devices, this should protect against malicious drivers.

However, the feature does not provide adequate protection against malicious drivers. A senior vulnerability analyst at cybersecurity firm Analytica, Will Dormann managed to download malicious drivers on devices that support HVCI, even though the driver is on Microsoft's block list.

On his official Twitter, Dormann explained he found a list of Microsoft blockers unrenewable in 2019, and Microsoft's surface reduction capability (ASR) also didn't protect against malicious drivers. That is, any device with HVCI enabled has not been protected from malicious drivers for about three years.

Unfortunately, Microsoft did not respond to Dorman's findings, but to Ars Technica he said it had fixed the vulnerability.

The vulnerable driver list is updated regularly, however, we received feedback that there is a gap in synchronization across versions of the OS, explained a Microsoft spokesperson.

We have fixed this and it will be fixed in future and upcoming Windows Updates. The documentation page will be updated when a new update is released," he added.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)