Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Device driver
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Security== Computers often have many diverse and customized device drivers running in their operating system (OS) kernel which often contain various [[Computer bug|bugs]] and [[Vulnerability (computing)|vulnerabilities]], making them a target for [[Exploit (computer security)|exploits]].<ref>{{cite book |last1=Talebi |first1=Seyed Mohammadjavad Seyed |last2=Tavakoli |first2=Hamid |last3=Zhang |first3=Hang |last4=Zhang |first4=Zheng |last5=Sani |first5=Ardalan Amiri |last6=Qian |first6=Zhiyun |title=Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems |url=https://www.usenix.org/conference/usenixsecurity18/presentation/talebi |access-date=5 November 2022 |pages=291β307 |language=en |date=2018 |isbn=9781939133045 |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175041/https://www.usenix.org/conference/usenixsecurity18/presentation/talebi |url-status=live }}</ref> {{anchor|BYOVD}} A ''Bring Your Own Vulnerable Driver'' (BYOVD) attacker installs any signed, old third-party driver with known vulnerabilities that allow malicious code to be inserted into the kernel.<ref name="arstechnica/microsoft-blunder">{{cite news |last1=Goodin |first1=Dan |title=How a Microsoft blunder opened millions of PCs to potent malware attacks |url=https://arstechnica.com/information-technology/2022/10/how-a-microsoft-blunder-opened-millions-of-pcs-to-potent-malware-attacks/ |access-date=8 November 2022 |work=[[Ars Technica]] |date=14 October 2022 |language=en-us |archive-date=8 November 2022 |archive-url=https://web.archive.org/web/20221108164935/https://arstechnica.com/information-technology/2022/10/how-a-microsoft-blunder-opened-millions-of-pcs-to-potent-malware-attacks/ |url-status=live }}</ref> Drivers that may be vulnerable include those for WiFi and Bluetooth,<ref>{{cite news |last1=Ridley |first1=Jacob |title=You're going to want to update your Wi-Fi and Bluetooth drivers today |url=https://www.pcgamer.com/its-a-really-good-idea-to-update-your-wi-fi-and-bluetooth-drivers-today/ |access-date=5 November 2022 |work=PC Gamer |date=9 February 2022 |language=en |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175040/https://www.pcgamer.com/its-a-really-good-idea-to-update-your-wi-fi-and-bluetooth-drivers-today/ |url-status=live }}</ref><ref>{{cite news |title=Wireless 'BlueBorne' Attacks Target Billions of Bluetooth Devices |url=https://threatpost.com/wireless-blueborne-attacks-target-billions-of-bluetooth-devices/127921/ |access-date=5 November 2022 |work=threatpost.com |language=en |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://threatpost.com/wireless-blueborne-attacks-target-billions-of-bluetooth-devices/127921/ |url-status=live }}</ref> gaming/graphics drivers,<ref>{{cite news |last1=Spadafora |first1=Anthony |title=Installing gaming drivers might leave your PC vulnerable to cyberattacks |url=https://www.techradar.com/news/installing-gaming-drivers-might-leave-your-pc-vulnerable-to-cyberattacks |access-date=5 November 2022 |work=TechRadar |date=12 January 2022 |language=en |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175046/https://www.techradar.com/news/installing-gaming-drivers-might-leave-your-pc-vulnerable-to-cyberattacks |url-status=live }}</ref> and drivers for printers.<ref>{{cite news |title=HP patches vulnerable driver lurking in printers for 16 years |url=https://www.zdnet.com/article/hp-patches-vulnerable-printer-driver-impacting-millions-of-devices/ |access-date=5 November 2022 |work=ZDNET |language=en |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175042/https://www.zdnet.com/article/hp-patches-vulnerable-printer-driver-impacting-millions-of-devices/ |url-status=live }}</ref> There is a lack of effective kernel vulnerability detection tools, especially for closed-source OSes such as Microsoft Windows<ref>{{cite book |last1=Pan |first1=Jianfeng |last2=Yan |first2=Guanglu |last3=Fan |first3=Xiaocao |title=Digtool: A {Virtualization-Based} Framework for Detecting Kernel Vulnerabilities |url=https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/pan |access-date=5 November 2022 |pages=149β165 |language=en |date=2017|publisher=USENIX Association |isbn=9781931971409 }}</ref> where the source code of the device drivers is mostly [[Proprietary software|proprietary]] and not available to examine,<ref>{{cite news |last1=King |first1=Bertel |title=Closed Source vs. Open Source Hardware Drivers: Why It Matters |url=https://www.makeuseof.com/closed-source-vs-open-source-hardware-drivers/ |access-date=5 November 2022 |work=MUO |date=18 June 2022 |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175040/https://www.makeuseof.com/closed-source-vs-open-source-hardware-drivers/ |url-status=live }}</ref> and drivers often have many privileges.<ref>{{cite news |last1=Branscombe |first1=Mary |title=How Microsoft blocks vulnerable and malicious drivers in Defender, third-party security tools and in Windows 11 |url=https://www.techrepublic.com/article/how-microsoft-blocks-vulnerable-malicious-drivers-defender-third-party-security-tools-windows-11/ |access-date=5 November 2022 |work=TechRepublic |date=7 April 2022 |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://www.techrepublic.com/article/how-microsoft-blocks-vulnerable-malicious-drivers-defender-third-party-security-tools-windows-11/ |url-status=live }}</ref><ref>{{cite news |last1=Goodin |first1=Dan |title=No fix in sight for mile-wide loophole plaguing a key Windows defense for years |url=https://arstechnica.com/information-technology/2022/10/no-fix-in-sight-for-mile-wide-loophole-plaguing-a-key-windows-defense-for-years/ |access-date=5 November 2022 |work=Ars Technica |date=5 October 2022 |language=en-us |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://arstechnica.com/information-technology/2022/10/no-fix-in-sight-for-mile-wide-loophole-plaguing-a-key-windows-defense-for-years/ |url-status=live }}</ref><ref>{{cite news |last1=Davenport |first1=Corbin |title="Bring Your Own Vulnerable Driver" Attacks Are Breaking Windows |url=https://www.howtogeek.com/820374/bring-your-own-vulnerable-driver-attacks-are-breaking-windows/ |access-date=5 November 2022 |work=How-To Geek |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://www.howtogeek.com/820374/bring-your-own-vulnerable-driver-attacks-are-breaking-windows/ |url-status=live }}</ref><ref>{{cite news |title=Windows 10 Security Alert: Vulnerabilities Found in Over 40 Drivers |url=https://www.bleepingcomputer.com/news/security/windows-10-security-alert-vulnerabilities-found-in-over-40-drivers/ |access-date=5 November 2022 |work=BleepingComputer |language=en-us |archive-date=5 November 2022 |archive-url=https://web.archive.org/web/20221105175043/https://www.bleepingcomputer.com/news/security/windows-10-security-alert-vulnerabilities-found-in-over-40-drivers/ |url-status=live }}</ref> A group of security researchers considers the lack of isolation as one of the [[Computer security|main factors]] undermining [[Kernel (operating system)#Protection|kernel security]],<ref>{{cite web |title=Fine-grained kernel isolation |url=https://mars-research.github.io/projects/kernel-isolation/ |website=mars-research.github.io |access-date=15 September 2022 |language=en |archive-date=15 September 2022 |archive-url=https://web.archive.org/web/20220915120154/https://mars-research.github.io/projects/kernel-isolation/ |url-status=live }}</ref> and published an [[Sandbox (computer security)|isolation]] framework to protect operating system kernels, primarily the [[Monolithic kernel|monolithic]] [[Linux kernel]] whose drivers they say get ~80,000 [[Commit (version control)|commits]] per year.<ref>{{cite news |last1=Fetzer |first1=Mary |title=Automatic device driver isolation protects against bugs in operating systems |url=https://techxplore.com/news/2022-08-automatic-device-driver-isolation-bugs.html |access-date=15 September 2022 |work=[[Pennsylvania State University]] via techxplore.com |language=en |archive-date=15 September 2022 |archive-url=https://web.archive.org/web/20220915120154/https://techxplore.com/news/2022-08-automatic-device-driver-isolation-bugs.html |url-status=live }}</ref><ref>{{cite web |last1=Huang |first1=Yongzhe |last2=Narayanan |first2=Vikram |last3=Detweiler |first3=David |last4=Huang |first4=Kaiming |last5=Tan |first5=Gang |last6=Jaeger |first6=Trent |last7=Burtsev |first7=Anton |title=KSplit: Automating Device Driver Isolation |url=https://mars-research.github.io/doc/ksplit-osdi22.pdf |access-date=15 September 2022 |date=2022 |archive-date=15 September 2022 |archive-url=https://web.archive.org/web/20220915120155/https://mars-research.github.io/doc/ksplit-osdi22.pdf |url-status=live }}</ref> {{Excerpt|Kernel (operating system)|Protection|paragraphs=1-2}}
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)