An article by Computing magazine has reported that controls that Microsoft rolled out to protect Windows 11 from hackers seeking to exploit security vulnerabilities in hardware and device drivers are inadequate, security researchesrs at VMware claimed last week.
The full Computing article can be read here: Windows 11 security ineffective against attacks on old device drivers.
The article reports how Microsoft still allows unmaintained drivers signed by outdated certificates that are not on the list to load into the Windows kernel. Hacker could exploit the old drivers to gain priviledged administrator rights to access secure parts of a Windows system.
We advise as part of your cyber resilience to ensure that systems are updated to the latest software and firmware wherever possible to ensure that you have better protection against cyber attacks. Review:
The importance of software updates (PaperCut vulnerability and Rhysida ransomware)
Be Cyber Aware: Why regular software updates are important
However, this information does highlight that old devices can be a vulnerability. As part of our Information and Cyber Security checklist we advise a regular review of software and hardware and a check as to whether old equipment should remain on the network. Old equipment is an unfortunate part of the current school environment and something not quickly fixed so in those situations we would advise reviewing whether old devices can at least update to the latest operating system version. Further help and advice can be found in our Information and Cyber Security Best Practice Area.
Our Information and Cyber Security Checklist can help when reviewing information security systems in your organisation (a current Data Protection Education subscription is required to view the checklist):