Eclypsium, an Oregon security company, claims
that drivers on Microsoft's Windows platform are a security mess. Who could have guessed? Their researchers found serious flaws in more than 40 drivers from at least 20 different hardware vendors. Apparently every single one of these vulnerabilities allows the driver to hand over "access to the hardware resources, such as read and write access to processor and chipset I/O space, Model Specific Registers (MSR), Control Registers (CR), Debug Registers (DR), physical memory and kernel virtual memory. This is a privilege escalation as it can move an attacker from user mode (Ring 3) to OS kernel mode (Ring 0).
" Basically, complete control of the impacted machine. Not only that, these potentially allow malware to compromise your UEFI and persist across an operating system re-installation. They also add that not only do these drivers provide the necessary access, they also provide the mechanism to make changes. Scary stuff.
What's perhaps most interesting is that every driver they tested was signed by a Certificate Authority and had Microsoft's stamp of approval on them. Tie that to the fact that you can no longer block updates on Home versions of Windows 10, and you've got one heck of a potentially serious problem. In other words, these impacted problematic drivers are almost certainly going to be installed on possibly millions of PCs. If you were thinking that you can just stick with Windows 7 to be safe from these vulnerabilities, sadly, all modern versions of Windows are impacted. You can block updates on Windows 7, however, that's likely not a solution since there is a good chance you're already running problematic drivers. You may also be later to receive a patch for older versions of Windows as the newest version is prioritized.