Windows Defender has recently been equipped with a feature called Microsoft Vulnerable Driver Blocklist: a driver block list.
Microsoft Vulnerable Driver Blocklist is part of the Windows Defender component within the security settings against Windows 10 and Windows 11. The option protects users of rogue drivers. that late See David Weston on Twitter† Weston is responsible for the security of the operating system at Microsoft, among other things.
Windows gets driver block list
Microsoft recently wrote a blog about the new option on its own website. There, the company explains how the driver block list protects the user’s computer. The protective layer looks at a number of things.
In this way, the system takes into account known threats. Think of possibilities with which malicious parties can abuse certain privileges in the Windows kernel. Close attention is also paid to malware (and the behavior that goes with such software) and certificates that are used for malware. Finally, we also look at behavior that is not necessarily malicious, but that can lead to the exploitation of privileges.
Microsoft works together with various partners for this. Keep in mind that not everyone gets access to the brand new functionality. The Windows Defender Application Control, of which the block list is part, is namely not available for all versions from Windows.
