Hackers exploit Windows policy to load malicious kernel drivers

https://www.bleepingcomputer.com/news/security/hackers-exploit-windows-policy-to-load-malicious-kernel-drivers/

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy loophole.

They're exploiting Windows driver signing using a certificate loophole and some OS hooks to trick the date verification.