Buying Guides
by Review Geek

Browse All Buying Guides
How-to Geek Best Of Badge Award

Reader Favorites

8 Best Wireless Mechanical Keyboards
5 Best Places to Buy Vinyl Records Online
8 Best Hot Swappable Mechanical Keyboards
Apps to Share Your Location with Family
The 5 Best Trip Planning Apps
The Best Multi-Device Mice and Keyboards for Power Users
7 LEGO Alternatives That Still Work With LEGO Bricks

More from Review Geek

Browse All Buying Guides
Browse All Latest News

Review Geek Editorials

Why Everyone Needs to Stock up on Power Banks
I Switched to a Galaxy S21 and I Hate It
I Tried Carvana: It Was Worse Than The Dealer
Don't Buy an Electric Riding Lawn Mower
Why We Can't Recommend Wyze or eufy Cameras
Don't Buy This Fake 16TB Portable Hard Drive
You Don't Really Ever Own an EV

More from Review Geek

Browse All Reviews
Browse All Buying Guides
How-to Geek Editor Choice Badge Award

Across LifeSavvy Media

FROM LIFESAVVY
BedJet 3 Review: Personalized Bed Climate Control Made Easy
BlendJet 2 Portable Blender Review: Power on the Go
FROM HOW-TO GEEK
Onyx BOOX Tab Ultra C Review: Tempting E-Paper Tablet With Shortcomings
Samsung Galaxy S23 Ultra Review: Practical Perfection With a Hint of Restraint
We select and review products independently. When you purchase through our links we may earn a commission. Learn more.
X
Popular Searches
News

After Approving Rootkit Malware, Microsoft Will Refine Code Signing Process

Suzanne Humphries
Suzanne Humphries
Former Commerce Editor

Suzanne Humphries was a Commerce Editor for Review Geek. She has over seven years of experience across multiple publications researching and testing products, as well as writing and editing news, reviews, and how-to articles covering software, hardware, entertainment, networking, electronics, gaming, apps, security, finance, and small business. Read more...

About Review Geek

| 1 min read
Microsoft logo at the company's office building located in Silicon Valley south San Francisco bay area
Sundry Photography/Shutterstock.com

Microsoft signed off on a driver that contains rootkit malware. Despite having processes and checkpoints—like code signing and the Windows Hardware Compatibility Program (WHCP)—in place to prevent such events from happening, the driver still managed to pass through.

The third-party Windows driver, Netfilter, was observed communicating with Chinese command-and-control IPs. Netfilter was distributed within the gaming community. It was first detected by G Data malware analyst Karsten Hahn (and soon further vetted by the infosec community at large and Bleeping Computer), who immediately shared notice of the breach on Twitter and notified Microsoft.

Though Microsoft has confirmed that it did, indeed, sign off on the driver, there is no clear information yet regarding how the driver made it through the company’s certificate-signing process. Microsoft is currently investigating and said it “will be sharing an update on how we are refining our partner access policies, validation and the signing process to further enhance our protections.”

Currently, there is no evidence that the malware writers stole certificates, or that the activity can be attributed to a nation-state actor. Microsoft also noted that the malware has had a limited impact, taking aim at gamers and not enterprise users. “We have suspended the account and reviewed their submissions for additional signs of malware,” Microsoft shared in a blog update.

Despite the malware seeming to have little to no impact, and Microsoft eagerly working to resolve the issue and refine its code signing process, the incident has nonetheless disrupted user trust in Microsoft. The average user depends on these certificates and checkpoints to have a way to know that updates and new drivers are safe to install. This disruption could make users wary of future downloads for some time to come.

via Engadget

Suzanne Humphries Suzanne Humphries
Suzanne Humphries was a Commerce Editor for Review Geek. She has over seven years of experience across multiple publications researching and testing products, as well as writing and editing news, reviews, and how-to articles covering software, hardware, entertainment, networking, electronics, gaming, apps, security, finance, and small business. Read Full Bio »