[ad_1]
As we already know, today Microsoft released cumulative updates for Windows 10 and Windows 11, apart from that friends, Microsoft has separately announced updates safeOS dynamic which is intended to strengthen security mitigation against vulnerabilities in safeboot.
Additionally, along with the changes made to its Secure Boot DBX, Microsoft also apparently added several dangerous drivers to their Windows Driver revocation list, where according to Microsoft, information on the vulnerabilities of these drivers was notified by a number security firms including Cisco Talos, Sophos, and Trend Micro.
"Microsoft was recently informed that drivers certified by Microsoft’s Windows Hardware Developer Program (MWHDP) were being used maliciously in post-exploitation activity. In these attacks, the attacker gained administrative privileges on compromised systems before using the drivers.
Microsoft has completed its investigation and determined that the activity was limited to the abuse of several developer program accounts and that no Microsoft account compromise has been identified. We’ve suspended the partners' seller accounts and implemented blocking detections for all the reported malicious drivers to help protect customers from this threat." dikutip dari halaman msrc Microsoft
While the current driver has been added as part of the vulnerable driver block list, users are advised to be careful about installing drivers both available from Windows Update and also those available from the Internet.
Now, you can read some related information about this in more detail on the page Cisco Talos, Sophos And TrendMicroand keep in mind that there are quite a number of fraudulent cybercriminals signature drivers use utility applications such as HookSignTool, so users are still required to be careful in installing an application, driver and extension on the system that the user is using.
[ad_2]
Source link
