Microsoft has announced it is adding a new ‘Vulnerable Driver Blocklist’ feature to its Windows Defender product on Windows 10, 11, and Windows Server 2016 and newer. This new feature is expected to help IT professionals protect users from malicious and exploitable drivers.
It will be enabled by default on Windows 10 in S Mode and on devices that rely on the virtualisation-based security feature – ‘Memory Integrity Core isolation’, also referred to as ‘Hypervisor-protected Code Integrity’ (HVCI). Microsoft have released an article regarding the recommended driver block rules.
The feature will be deployed by a list of drivers, maintained by both Microsoft and OEM partners, that will be blocked if they have known security vulnerabilities that attackers can exploit to elevate to Windows kernel privileges, or that act as malware, or if they exhibit behaviours that could circumvent Windows security.
It is not yet clear if this feature will be made available to all versions of Windows 10 and 11.
In further news, Microsoft has announced a new US Government cloud environment titled ‘Office 365 Government Secret’ which is currently under review and is designed for entities such as the Department of Defense, Intelligence Community, and government partners. The environment is built around Microsoft’s Azure Government classified environments.
No comments:
Post a Comment