
More than 40 Windows drivers found vulnerable!

Researchers from the cybersecurity company Eclypsium revealed that more than 40 different Windows drivers contain poor code and could be exploited to mount privilege escalation attacks. Even more concerning, these drivers come from Microsoft-certified vendors and have therefore been approved by Microsoft.

Since these drivers affect all versions of Windows and come from major BIOS vendors and hardware manufacturers like NVIDIA, Intel, Toshiba, ASUS and Huawei, millions of users are at risk.

Security experts from Eclypsium also warned that such drivers pose a huge threat, as they might allow malicious apps running at user level to gain kernel privileges, with direct access to hardware and firmware. This could result in malware being installed directly into the firmware, at which point even reinstalling Windows would not be sufficient to get rid of it.

Eclypsium also noted that drivers provide a mechanism to make changes to the system. In other words, if a vulnerable driver is already present on the system, a malicious app only needs to find it in order to elevate privileges. If the driver is not present, a malicious app could bring the driver with it, but it would then need administrator approval to install the new driver.

To protect its customers, Microsoft will be using Hypervisor-enforced Code Integrity (HVCI) to blacklist drivers reported to them. Unfortunately, this feature is only available on the 7th generation and later Intel processors. Therefore, Microsoft advises users to use Windows Defender Application Control to block known vulnerable software and drivers. The company also advises customers to protect themselves even more by turning on memory integrity for capable devices in Windows Security.

A complete list of all the vendors who have already updated their drivers can be found on the Eclypsium blog: https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/
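To act on the mitigation advice above, the following PowerShell sketch reports whether memory integrity (HVCI) is actually running and inventories the running third-party kernel drivers with their SHA-256 hashes, so they can be compared against vendor advisories or a block policy. It is an added example, not code from the article, Eclypsium or Microsoft; the function names are illustrative, and the `CompanyName` filter is a heuristic assumption.

```powershell
# Added example: function names are illustrative, not from the article.
function Get-MemoryIntegrityStatus {
    # Win32_DeviceGuard reports virtualization-based security state.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName Win32_DeviceGuard -ErrorAction Stop
    [pscustomobject]@{
        # 2 = VBS enabled and running
        VbsRunning          = ($dg.VirtualizationBasedSecurityStatus -eq 2)
        # Service ID 2 = hypervisor-enforced code integrity (memory integrity)
        HvciConfigured      = ($dg.SecurityServicesConfigured -contains 2)
        HvciRunning         = ($dg.SecurityServicesRunning -contains 2)
        # 0 = off, 1 = audit, 2 = enforced
        CodeIntegrityPolicy = $dg.CodeIntegrityPolicyEnforcementStatus
    }
}

function Get-ThirdPartyKernelDriver {
    Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.State -eq 'Running' -and $_.PathName } |
        ForEach-Object {
            # Normalise NT-style prefixes and quotes to a Win32 path.
            $path = $_.PathName.Trim('"') -replace '^\\\?\?\\', ''
            $path = $path -replace '^\\SystemRoot\\', ($env:SystemRoot + '\')
            if (-not (Test-Path -LiteralPath $path)) { return }

            # WHQL-certified vendor drivers carry a Microsoft signer, so filter
            # on the file's CompanyName (a heuristic) rather than the signer.
            $company = (Get-Item -LiteralPath $path).VersionInfo.CompanyName
            if ($company -match 'Microsoft') { return }

            $sig = Get-AuthenticodeSignature -LiteralPath $path
            [pscustomobject]@{
                Name    = $_.Name
                Company = $company
                Status  = $sig.Status
                Signer  = $sig.SignerCertificate.Subject
                Sha256  = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
                Path    = $path
            }
        }
}

Get-MemoryIntegrityStatus | Format-List
Get-ThirdPartyKernelDriver | Sort-Object Company, Name |
    Format-Table Name, Company, Status, Sha256 -AutoSize
```

A host where `HvciRunning` is false gets no benefit from an HVCI-enforced driver blocklist, so on such machines the driver inventory is the list to review and update first.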
