Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of ...
Hackers are using open-source tools to exploit a Windows policy loophole for kernel-mode drivers to load malicious and unverified drivers with expired certificates, researchers have found. The ...
Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.
Windows Driver Foundation – User-mode Driver Framework (WUDFHost.exe) is a set of libraries and tools by Microsoft that helps reduce the complexity of writing Windows drivers. It pushes drivers to ...