Regístrese ahora para una mejor cotización personalizada!

Microsoft is adding a new driver-blocklist feature to Windows Defender on Windows 10 and 11

Mar, 28, 2022 Hi-network.com
Credit: Microsoft

Microsoft is adding a new Vulnerable Driver Blocklist feature to Windows Defender on Windows 10, Windows 11, and Windows Server 2016 or newer releases. This feature is aimed at helping IT Pros to protect users against malicious and exploitable drivers.

More Microsoft

  • Is Windows 10 too popular for its own good?
  • The best Windows laptop models: Comparing Dell, Samsung, Lenovo, and more
  • Here's why Windows PCs are only going to get more annoying
  • How to downgrade from Windows 11 to Windows 10 (there's a catch)

Microsoft Vice President of OS Security and Enterprise David Weston tweeted about the new Windows security option on March 27. 

The feature will be enabled by default on Windows 10 in S Mode, as well as on devices that have the Memory Integrity Core Isolation feature, which relies on virtualization-based security. (This Core Isolation Memory Integrity feature also is known as Hypervisor-protected Code Integrity or HVCI). More details are available in this Microsoft article about recommended driver block rules. 

This blocking feature will rely on a list of blocked drivers maintained by Microsoft in conjunction with OEM partners. As explained on ghacks.net, the reason these drivers may be marked as blocked is they are known security vulnerabilities that can be exploited to elevate Windows kernel privileges; they act as malware or certificates used to sign malware, or they exhibit behaviors that circumvent the Windows Security Model and can be used to elevate Windows kernel privileges.
I've asked Microsoft whether this new driver-blocking feature will be available on all versions of Windows 10 and 11 and when it will be fully deployed. No word back so far.

Update (March 29): A Microsoft spokesperson said this feature already exists for Windows 10, Windows 11 and Server 2016 and later. The spokesperson didn't specify which SKUs of each of those (or all) are getting this feature. The emailed response: "This security feature is available on Windows 10, Windows 11, and Windows Server 2016 and above. For more information, check out this Microsoft Doc."

In other security-related news, Microsoft announced plans for a new U.S. Government cloud environment -- Office 365 Government Secret -- on March 28. Currently in government review, this new Secret cloud is designed for the U.S. Federal Civilian, Department of Defense (DoD), Intelligence Community (IC), and U.S. Government partners working within Secret environments with Microsoft's Software as a Service (SaaS) capabilities for all data classifications. The Office 365 Government Secret cloud environment is built on Microsoft's Azure Government classified environments. 

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next
  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

tag-icon Etiquetas calientes: tecnología Servicios y Software

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.