Microsoft’s out-of-date driver list left Windows PCs open to malware attacks for years
![](https://cdn.vox-cdn.com/thumbor/DOh9KviJJ-_uyjvnqdRYJmcTiGw=/0x0:2040x1360/1310x873/cdn.vox-cdn.com/uploads/chorus_image/image/71502716/akrales_220309_4977_0258.0.jpg)
Microsoft failed to properly protect Windows PCs from malicious drivers for nearly three years, according to a report from Ars Technica. Although Microsoft says its Windows updates add new malicious drivers to a blocklist downloaded by devices, Ars Technica found these updates never actually stuck.
This gap in coverage left users vulnerable to a certain type of attack called BYOVD, or bring your own vulnerable driver. Drivers are the files your computer’s operating system uses to communicate with external devices and hardware, such as a printer, graphics card, or webcam. Since drivers can access the core of a device’s operating system, or kernel, Microsoft requires that all drivers are digitally signed, proving that they are safe to use....