Updated on 2022-10-28: Microsoft fixes drivers blocklist
After a report that the company failed to update a list meant to block the installation of malicious and vulnerable drivers, Microsoft updated its drivers blocklist earlier this week to fix the issue and even rolled it out to more Windows 11 users as well. Read more:
- How a Microsoft blunder opened millions of PCs to potent malware attacks
- KB5020779—The vulnerable driver blocklist after the October 2022 preview release
Overview: Microsoft Will Fix Vulnerable Driver Blocklist Issue Next Month
Microsoft acknowledged that its hypervisor-protected code integrity (HVCI) feature has not been kept up to date. HVCI is touted as being able to prevent known vulnerable drivers from running on Windows machines. However, the list of vulnerable drivers has not been kept current in some pre-Windows 11 OSes. A non-security preview of Microsoft’s November 2022 Patch Tuesday release includes a fix for the problem.
Note
- The driver blocklist was introduced as an optional feature in Windows 10, version 1809 and is enabled on systems which enable HVCI or run in S mode. As of Windows 11, version 22H2, it is enabled by default. This can be managed with the Windows Security app, but the version which manages this setting hasn’t been released yet. Part of the fix was that Microsoft was supposed to be providing updates to the on-device database of flawed drivers; these updates are now working. While not every flawed driver will be detected, it adds one more layer to our defenses at the endpoint. That said, use caution enabling the blocklist as it can result in a blue screen (aka hard stop) or inability to (re)install needed drivers.
Read more in
- October 25, 2022—KB5018496 (OS Build 22621.755) Preview
- KB5020779—The vulnerable driver blocklist after the October 2022 preview release
- Microsoft recommended driver block rules
- Next Windows 10/11 Patch Tuesday fixes Microsoft’s botched vulnerable driver blocklist
- Microsoft realizes it hasn’t updated list of banned dodgy Windows 10 drivers in years
Alex Lim
Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
