Our computers have been an important part of life for a very long time, and as such they are frequent targets of malicious people. Drivers in Microsoft’s list of outdated drivers can therefore create important vulnerabilities.

Although Microsoft is working to take new security measures in every update, it is claimed that the company’s work for the last three years is not enough. Legacy drivers continue to have vulnerabilities against certain types of attacks.

Outdated drivers targeted by malicious people

It was stated that outdated drivers or software from hardware that is no longer supported make devices open targets for attacks of the type called BYOVD. Driver files, which are necessary for the operation of external parts on our computers, can pose a great risk because they can directly access the operating system.

Microsoft normally requires all drivers to be digitally signed. Thus, it aims to ensure that the drivers are completely safe to use. On the other hand, if a digitally signed driver is open, malicious people can directly access Windows.

Using a system called Hypervisor-protected code integrity (HVCI – Hypervisor-protected code integrity), Microsoft says this feature is turned on as standard on all devices. HVCI makes sure you have the right drivers. Unfortunately, this feature does not work as intended. Drivers can be installed even if they are blacklisted. Moreover, this list has not been updated since 2019.

Microsoft, on the other hand, says that they are on the way to solve this problem with their recent statements. It is also possible to manually update the driver list, and the documentation is also updated. For now, there is no other explanation on the subject.