What you need to know
- Windows Defender received a small security upgrade you may have missed.
- You can now block vulnerable drivers via the Microsoft Vulnerable Driver Blocklist.
- This option is for Windows Defender on Windows 11 and 10.
If you're on Windows 11 or 10, get ready for enhanced security in the form of a more aggressive Windows Defender. Specifically, the Microsoft Vulnerable Driver Blocklist in Defender can now block drivers with "security vulnerabilities" from being able to run on your device.
The update was highlighted by Microsoft VP David Weston over on Twitter (via ZDNet).
New Windows security option: Enable more aggressive blocklist which includes vulnerable drivers pic.twitter.com/n3b2GzAWHANew Windows security option: Enable more aggressive blocklist which includes vulnerable drivers pic.twitter.com/n3b2GzAWHA— David Weston (DWIZZZLE) (@dwizzzleMSFT) March 27, 2022March 27, 2022
It's an optional security measure that can be enabled as on or off, though for those of you worried about vulnerable drivers and the injection of malware onto your machine, this should come in handy. Not all vulnerable drivers are overt security risks, but this new Defender item is for those with a "better safe than sorry" mentality.
Microsoft has a support document detailing the ins and outs of the addition. In the doc, it's specified that two types of systems are going to see it enabled by default:
- Hypervisor-protected code integrity (HVCI) enabled devices
- Windows 10 in S mode (S mode) devices
There's more information in the doc, but for the average user, the gist is that Microsoft's making it easier to keep third-party driver security risks at bay. This is one of the many things Microsoft is doing to keep Windows and its users safe, though safety is also dependent on said users utilizing the tools at their disposal. For example, it was recently found that many companies aren't taking advantage of the security measures they're already paying for in their Microsoft 365 subscriptions. In short: Know what tools come with Windows and Microsoft's various services in order to be best protected.
Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to firstname.lastname@example.org.
It would be nice if this was in the Azure Endpoint protection ASR rules template. But it’s not. One weakness of Microsoft is that they release new features and then people cannot enable in M365 since the new options don’t exist for a year. Feature releases need to be cross product.
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.