Microsoft’s out-of-date driver list left Windows PCs open to malware attacks for years

Photo by Amelia Holowaty Krales / The Verge Microsoft failed to properly protect Windows PCs from malicious drivers for nearly three years, according to a report from Ars Technica. Although Microsoft says its Windows updates add new malicious drivers to a blocklist downloaded by devices, Ars Technica found these updates never actually stuck. This gap in coverage left users vulnerable to a certain type of attack called BYOVD, or bring your own vulnerable driver. Drivers are the files your computer’s operating system uses to communicate with external devices and hardware, such as a printer, graphics card, or webcam. Since drivers can access the core of a device’s operating system, or kernel, Microsoft requires that all drivers are digitally signed, proving that they are safe to use…. Continue reading… from The Verge – All Posts https://ift.tt/B3cwsn2 via Grabey
http://dlvr.it/SbCKQ5