For the most part, Microsoft takes security as seriously as it should, issuing updates and patches to maintain your Windows and Server operating systems. While you can count on receiving these updates for your supported operating systems, what you might not have known is that Microsoft accidentally overlooked a flaw in its own defenses.
The Flaw is in Vulnerable Drivers
Microsoft has a Windows Update tool that is supposed to detect and add vulnerable software drivers to a blocklist.
Drivers are the bits of software that help your computer interface with various hardware. Without the driver properly installed and updated, the hardware doesn’t behave the way it should. Of course, we’re talking about software here, so drivers can be just as vulnerable to threats as any other software can, and because of their functionality, they have access to systems on your PC that can cause problems.
Well, Microsoft’s Windows Update tool hasn’t been managing the block list, even though Microsoft has insisted on reinforcing it. You may have been receiving updates and patches as needed, but this is one particular piece of security that has not been updated.
This flaw gives threats the ability to push any known vulnerable driver to your PC, then use those vulnerabilities to their advantage. These types of flaws are not new or unheard of; they have been around for at least a decade, and the large increase in threats over the past several years can be attributed to this vulnerability. Attackers like to cast wide nets using easy-to-leverage vulnerabilities, and this one fits the profile just fine.
Microsoft has been working on a fix and says that something will be coming with the next Windows update.
Businesses usually want to prevent their users from installing and configuring new devices on their work PCs, and this is a sound strategy to prevent many threats from striking your business. It’s not a magical cure-all, but it will go a long way.
If you’re ready to protect your network from external threats, know that Twintel is ready and able to assist your business with implementing enterprise-grade security solutions. All you have to do to get started is call us today. You can reach us at 888-428-0599.