Every vulnerability has to have a cool name, so this one is called SCREWED DRIVERS, and it even has a cool logo. Since I am sure it is copyrighted, go visit the links below to see the logo.
Drivers from at least 20 companies are vulnerable to a single common design flaw, making systems using those drivers extremely vulnerable.
SOME of the vendors affected are Intel, Asus, Huawei, Nvidia, Realtek and Toshiba. The names of others have not been announced since they have not fixed their drivers yet.
The problem with the drivers is this. Drivers run at the very core of the operating system and have access to the real hardware. As a result, you want to be very careful what you allow them to do. BUT, it is easier for driver writers to write a very generic driver which allows anyone who knows what the driver commands are (usually publicly documented but certainly easily reverse engineered) to get the driver to do anything. The most basic command would be a command that allows the user calling the driver to write arbitrary data in an arbitrary location. Very general. Very powerful. Extremely dangerous. This is the type of vulnerability that they found. They found about 40 drivers that qualify as dangerous.
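The design difference described above, as an added example that is not code from any of the affected drivers or from the researchers. It is a user-space model: the `machine` buffer, the `FAN_REG` and `SECRET` offsets, and the request layout are all assumptions made up for illustration. It contrasts a generic "write anything anywhere" command with a narrow one that only accepts known registers and checked values.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* User-space model (assumption): `machine` stands in for memory a driver can reach. */
#define MACHINE_SIZE 64
#define FAN_REG  8   /* hypothetical device register a vendor utility needs */
#define SECRET   32  /* stands in for OS data no caller should be able to change */
static uint8_t machine[MACHINE_SIZE];

struct write_req { size_t offset; size_t len; const uint8_t *data; }; /* caller-supplied */

/* The flawed design: write whatever the caller sends, wherever the caller says. */
int generic_write(const struct write_req *r) {
    if (r->offset > MACHINE_SIZE || r->len > MACHINE_SIZE - r->offset)
        return -1;                       /* bounds of the model only, not a policy */
    memcpy(machine + r->offset, r->data, r->len);
    return 0;
}

/* The narrow design: only known registers, fixed width, value range checked. */
struct reg_rule { size_t offset; uint32_t max_value; };
static const struct reg_rule allowed[] = { { FAN_REG, 100 } };

int checked_write(const struct write_req *r) {
    uint32_t v;
    if (r->len != sizeof v)
        return -1;
    memcpy(&v, r->data, sizeof v);
    for (size_t i = 0; i < sizeof allowed / sizeof allowed[0]; i++) {
        if (r->offset == allowed[i].offset && v <= allowed[i].max_value) {
            memcpy(machine + allowed[i].offset, &v, sizeof v);
            return 0;
        }
    }
    return -1;                           /* everything else is refused */
}

int main(void) {
    uint32_t junk = 0x41414141u, speed = 75;
    struct write_req bad = { SECRET, sizeof junk, (const uint8_t *)&junk };
    struct write_req ok  = { FAN_REG, sizeof speed, (const uint8_t *)&speed };
    printf("generic, secret area: %d\n", generic_write(&bad));
    memset(machine, 0, sizeof machine);
    printf("checked, secret area: %d\n", checked_write(&bad));
    printf("checked, fan register: %d\n", checked_write(&ok));
    return 0;
}
```

The same request that the generic command accepts is refused by the narrow one, which is the property to look for when a vendor ships a fixed driver.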
Since any piece of malware that is on your computer could call the driver and ask it to do bad things, you need to keep malware off your system. This is, for most companies, challenging. The malware could come from email, a web page, a flash drive or who knows what. Now that every hacker in the world knows about it, expect them to create exploits.
This means that you need to be alert to driver software updates from a whole raft of manufacturers AND ALSO BE ALERT TO SCAMS FROM PEOPLE CLAIMING TO BE THOSE SAME MANUFACTURERS WHO WANT TO GET YOU TO CLICK ON AN INFECTED LINK.
For more details go to Eclypsium’s web site here or the Screwed Drivers blog post here.