An anonymous reader shared Thursday’s report from eSecurity Planet:
After Microsoft warned earlier this week that some drivers certified by the Windows Hardware Developer Program (MWHDP) are being leveraged maliciously, a Cisco Talos security researcher said the number of malicious drivers could number in the thousands.

Talos researcher Chris Neal discussed how the security problem evolved in a blog post. “Starting in Windows Vista 64-bit, to combat the threat of malicious drivers, Microsoft began to require kernel-mode drivers to be digitally signed with a certificate from a verified certificate authority,” Neal wrote. “Without signature enforcement, malicious drivers would be extremely difficult to defend against as they can easily evade anti-malware software and endpoint detection.” Beginning with Windows 10 version 1607, Neal said, Microsoft has required kernel-mode drivers to be signed by its Developer Portal. “This process is intended to ensure that drivers meet Microsoft’s requirements and security standards,” he wrote.


Link to original post from Teknoids News

Read the original story