Microsoft has Launched Special Web Portal for Reporting Malicious Drivers

Last week, Microsoft unveiled a new web portal through which users and researchers can report malicious drivers to the company’s security team.

The new Vulnerable and Malicious Driver Reporting Center is essentially an web form that allows users to upload a copy of a malicious driver, which is then uploaded and analyzed to a Microsoft automated scanner.

On a tech level, Microsoft claims that this automated scanner can detect techniques that are typically used by malicious drivers.

Positive scans are reported and forwarded to a member of Microsoft’s security team for a more thorough investigation.

The centre and its scanner, according to the Microsoft, can analyze drivers for both 32-bit and 64-bit architectures, and users are encouraged to report any driver they suspect contains malware or contains vulnerable code.

The malicious drivers are blacklisted and vulnerable drivers are reported to their respective vendors.

Microsoft revealed that it has launched the portal because drivers have become more common in the tooling of both nation-states and cybercriminal gangs, particularly ransomware gangs, in recent years.

To gain admin privileges on a compromised host, in most cases the threat actors typically exploit vulnerabilities in old and unpatched drivers, or even purposefully downgrade and install older drivers.

Related posts

Sify Technologies Partners with Cisco ThousandEyes to Help Enterprises Accelerate their Digital Transformation Journey

Whatfix and Deloitte India Forge Strategic Alliance to Accelerate Adoption of Digital Solutions for Indian Enterprises

New Research Highlights AI and Low-Code Synergy Accelerating Application Development in Asia-Pacific

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More