Skip to main content

Windows Defender for Windows 11 and 10 gains new security feature that addresses vulnerable drivers

Windows Defender Hero
Windows Defender Hero (Image credit: Windows Central)

What you need to know

  • Windows Defender received a small security upgrade you may have missed.
  • You can now block vulnerable drivers via the Microsoft Vulnerable Driver Blocklist.
  • This option is for Windows Defender on Windows 11 and 10.

If you're on Windows 11 or 10, get ready for enhanced security in the form of a more aggressive Windows Defender. Specifically, the Microsoft Vulnerable Driver Blocklist in Defender can now block drivers with "security vulnerabilities" from being able to run on your device.

The update was highlighted by Microsoft VP David Weston over on Twitter (via ZDNet).

See more

It's an optional security measure that can be enabled as on or off, though for those of you worried about vulnerable drivers and the injection of malware onto your machine, this should come in handy. Not all vulnerable drivers are overt security risks, but this new Defender item is for those with a "better safe than sorry" mentality.

Microsoft has a support document detailing the ins and outs of the addition. In the doc, it's specified that two types of systems are going to see it enabled by default:

  • Hypervisor-protected code integrity (HVCI) enabled devices
  • Windows 10 in S mode (S mode) devices

There's more information in the doc, but for the average user, the gist is that Microsoft's making it easier to keep third-party driver security risks at bay. This is one of the many things Microsoft is doing to keep Windows and its users safe, though safety is also dependent on said users utilizing the tools at their disposal. For example, it was recently found that many companies aren't taking advantage of the security measures they're already paying for in their Microsoft 365 subscriptions. In short: Know what tools come with Windows and Microsoft's various services in order to be best protected.

Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.

1 Comment
  • It would be nice if this was in the Azure Endpoint protection ASR rules template. But it’s not. One weakness of Microsoft is that they release new features and then people cannot enable in M365 since the new options don’t exist for a year. Feature releases need to be cross product.