- Apr 24, 2016
Earlier today, Microsoft released its Patch Tuesday updates for Windows 10 (KB5028166) and Windows 11(KB5028185). The company announced separately about the new Dynamic SafeOS updates meant for hardening the security mitigations put in place against Secure Boot vulnerabilities.
Alongside changes made to its Secure Boot DBX, Microsoft also added several malicious drivers to its Windows Driver.STL revocation list. Microsoft was informed of these vulnerable drivers by security research firms Cisco Talos, Sophos, and Trend Micro.
On a dedicated security advisory ADV230001, Microsoft explains the issue (CVE-2023-32046) which was a result of maliciously signed WHQL drivers.
Microsoft released its latest July Patch Tuesday updates earlier today. The company added a revocation list featuring multiple WHQL-signed Windows drivers that were actually malware.