Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Device driver
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Security== Computers often have many diverse and customized device drivers running in their operating system (OS) kernel which often contain various [[Computer bug|bugs]] and [[Vulnerability (computing)|vulnerabilities]], making them a target for [[Exploit (computer security)|exploits]].<ref>{{cite book |last1=Talebi |first1=Seyed Mohammadjavad Seyed |last2=Tavakoli |first2=Hamid |last3=Zhang |first3=Hang |last4=Zhang |first4=Zheng |last5=Sani |first5=Ardalan Amiri |last6=Qian |first6=Zhiyun |title=Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems |url=https://www.usenix.org/conference/usenixsecurity18/presentation/talebi |access-date=5 November 2022 |pages=291β307 |language=en |date=2018 |isbn=9781939133045 |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175041/https://www.usenix.org/conference/usenixsecurity18/presentation/talebi |url-status=live }}</ref> {{anchor|BYOVD}} A ''Bring Your Own Vulnerable Driver'' (BYOVD) attacker installs any signed, old third-party driver with known vulnerabilities that allow malicious code to be inserted into the kernel.<ref name="arstechnica/microsoft-blunder">{{cite news |last1=Goodin |first1=Dan |title=How a Microsoft blunder opened millions of PCs to potent malware attacks |url=https://arstechnica.com/information-technology/2022/10/how-a-microsoft-blunder-opened-millions-of-pcs-to-potent-malware-attacks/ |access-date=8 November 2022 |work=[[Ars Technica]] |date=14 October 2022 |language=en-us |archive-date=8 November 2022 |archive-url=https://web.archive.org/web/20221108164935/https://arstechnica.com/information-technology/2022/10/how-a-microsoft-blunder-opened-millions-of-pcs-to-potent-malware-attacks/ |url-status=live }}</ref> Drivers that may be vulnerable include those for WiFi and Bluetooth,<ref>{{cite news |last1=Ridley |first1=Jacob |title=You're going to want to update your Wi-Fi and Bluetooth drivers today |url=https://www.pcgamer.com/its-a-really-good-idea-to-update-your-wi-fi-and-bluetooth-drivers-today/ |access-date=5 November 2022 |work=PC Gamer |date=9 February 2022 |language=en |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175040/https://www.pcgamer.com/its-a-really-good-idea-to-update-your-wi-fi-and-bluetooth-drivers-today/ |url-status=live }}</ref><ref>{{cite news |title=Wireless 'BlueBorne' Attacks Target Billions of Bluetooth Devices |url=https://threatpost.com/wireless-blueborne-attacks-target-billions-of-bluetooth-devices/127921/ |access-date=5 November 2022 |work=threatpost.com |language=en |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://threatpost.com/wireless-blueborne-attacks-target-billions-of-bluetooth-devices/127921/ |url-status=live }}</ref> gaming/graphics drivers,<ref>{{cite news |last1=Spadafora |first1=Anthony |title=Installing gaming drivers might leave your PC vulnerable to cyberattacks |url=https://www.techradar.com/news/installing-gaming-drivers-might-leave-your-pc-vulnerable-to-cyberattacks |access-date=5 November 2022 |work=TechRadar |date=12 January 2022 |language=en |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175046/https://www.techradar.com/news/installing-gaming-drivers-might-leave-your-pc-vulnerable-to-cyberattacks |url-status=live }}</ref> and drivers for printers.<ref>{{cite news |title=HP patches vulnerable driver lurking in printers for 16 years |url=https://www.zdnet.com/article/hp-patches-vulnerable-printer-driver-impacting-millions-of-devices/ |access-date=5 November 2022 |work=ZDNET |language=en |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175042/https://www.zdnet.com/article/hp-patches-vulnerable-printer-driver-impacting-millions-of-devices/ |url-status=live }}</ref> There is a lack of effective kernel vulnerability detection tools, especially for closed-source OSes such as Microsoft Windows<ref>{{cite book |last1=Pan |first1=Jianfeng |last2=Yan |first2=Guanglu |last3=Fan |first3=Xiaocao |title=Digtool: A {Virtualization-Based} Framework for Detecting Kernel Vulnerabilities |url=https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/pan |access-date=5 November 2022 |pages=149β165 |language=en |date=2017|publisher=USENIX Association |isbn=9781931971409 }}</ref> where the source code of the device drivers is mostly [[Proprietary software|proprietary]] and not available to examine,<ref>{{cite news |last1=King |first1=Bertel |title=Closed Source vs. Open Source Hardware Drivers: Why It Matters |url=https://www.makeuseof.com/closed-source-vs-open-source-hardware-drivers/ |access-date=5 November 2022 |work=MUO |date=18 June 2022 |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175040/https://www.makeuseof.com/closed-source-vs-open-source-hardware-drivers/ |url-status=live }}</ref> and drivers often have many privileges.<ref>{{cite news |last1=Branscombe |first1=Mary |title=How Microsoft blocks vulnerable and malicious drivers in Defender, third-party security tools and in Windows 11 |url=https://www.techrepublic.com/article/how-microsoft-blocks-vulnerable-malicious-drivers-defender-third-party-security-tools-windows-11/ |access-date=5 November 2022 |work=TechRepublic |date=7 April 2022 |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://www.techrepublic.com/article/how-microsoft-blocks-vulnerable-malicious-drivers-defender-third-party-security-tools-windows-11/ |url-status=live }}</ref><ref>{{cite news |last1=Goodin |first1=Dan |title=No fix in sight for mile-wide loophole plaguing a key Windows defense for years |url=https://arstechnica.com/information-technology/2022/10/no-fix-in-sight-for-mile-wide-loophole-plaguing-a-key-windows-defense-for-years/ |access-date=5 November 2022 |work=Ars Technica |date=5 October 2022 |language=en-us |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://arstechnica.com/information-technology/2022/10/no-fix-in-sight-for-mile-wide-loophole-plaguing-a-key-windows-defense-for-years/ |url-status=live }}</ref><ref>{{cite news |last1=Davenport |first1=Corbin |title="Bring Your Own Vulnerable Driver" Attacks Are Breaking Windows |url=https://www.howtogeek.com/820374/bring-your-own-vulnerable-driver-attacks-are-breaking-windows/ |access-date=5 November 2022 |work=How-To Geek |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://www.howtogeek.com/820374/bring-your-own-vulnerable-driver-attacks-are-breaking-windows/ |url-status=live }}</ref><ref>{{cite news |title=Windows 10 Security Alert: Vulnerabilities Found in Over 40 Drivers |url=https://www.bleepingcomputer.com/news/security/windows-10-security-alert-vulnerabilities-found-in-over-40-drivers/ |access-date=5 November 2022 |work=BleepingComputer |language=en-us |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://www.bleepingcomputer.com/news/security/windows-10-security-alert-vulnerabilities-found-in-over-40-drivers/ |url-status=live }}</ref> A group of security researchers considers the lack of isolation as one of the [[Computer security|main factors]] undermining [[Kernel (operating system)#Protection|kernel security]],<ref>{{cite web |title=Fine-grained kernel isolation |url=https://mars-research.github.io/projects/kernel-isolation/ |website=mars-research.github.io |access-date=15 September 2022 |language=en |archive-date=15 September 2022 |archive-url=https://web.archive.org/web/20220915120154/https://mars-research.github.io/projects/kernel-isolation/ |url-status=live }}</ref> and published an [[Sandbox (computer security)|isolation]] framework to protect operating system kernels, primarily the [[Monolithic kernel|monolithic]] [[Linux kernel]] whose drivers they say get ~80,000 [[Commit (version control)|commits]] per year.<ref>{{cite news |last1=Fetzer |first1=Mary |title=Automatic device driver isolation protects against bugs in operating systems |url=https://techxplore.com/news/2022-08-automatic-device-driver-isolation-bugs.html |access-date=15 September 2022 |work=[[Pennsylvania State University]] via techxplore.com |language=en |archive-date=15 September 2022 |archive-url=https://web.archive.org/web/20220915120154/https://techxplore.com/news/2022-08-automatic-device-driver-isolation-bugs.html |url-status=live }}</ref><ref>{{cite web |last1=Huang |first1=Yongzhe |last2=Narayanan |first2=Vikram |last3=Detweiler |first3=David |last4=Huang |first4=Kaiming |last5=Tan |first5=Gang |last6=Jaeger |first6=Trent |last7=Burtsev |first7=Anton |title=KSplit: Automating Device Driver Isolation |url=https://mars-research.github.io/doc/ksplit-osdi22.pdf |access-date=15 September 2022 |date=2022 |archive-date=15 September 2022 |archive-url=https://web.archive.org/web/20220915120155/https://mars-research.github.io/doc/ksplit-osdi22.pdf |url-status=live }}</ref> {{Excerpt|Kernel (operating system)|Protection|paragraphs=1-2}}
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Device driver
(section)
Add topic
