Device drivers require frequent updates. As such, manufacturers periodically update device drivers to add functionality or enhance driver performance. You can get to your device drivers to check for updates in multiple ways. For instance, you can open Device Manager in Windows and check ‘Hardware Devices’ for any update by right-clicking it and selecting ‘Update driver software’ option. Alternatively, users can refer the updated guide on driver security – Driver Security Guidance, released by Microsoft.
Microsoft Updates Driver Security Guidance List
The guide available as ‘Driver Security Guidance’ document contains information on enhancing driver security to ensure Windows drivers are secured against basic attacks and preventable flaws.
Driver security checklist – The checklist outlines steps to reduce support costs and increase customer satisfaction with their product, thereby helping reduce the risk of drivers from being compromised.
Threat modeling for drivers – This driver security guidance highlights the importance of driver security and advises driver writers and architects to incorporate threat modeling an integral part of the design process for any driver. Besides, it also provides guidelines for creating threat models for drivers.
Windows security model for driver developers – It describes how the Windows security model is applicable to drivers and enlists certain prerequisites that driver writers must meet or oblige with to improve the security of their devices. The model is basically is based on securable objects.
Use the Device Guard Readiness Tool to evaluate HVCI driver compatibility – This topic describes how to use the tool to evaluate the ability of a driver to run in a Hypervisor-protected Code Integrity (HVCI) environment. The Device Guard Readiness tool is designed to check a number of requirements for creating a PC that supports a variety of security enhancement features.
Compromising the functionality of the drivers is one of the easiest ways to gain access to a healthy system and execute malicious code. As such, protecting drivers with relevant tools and proper security arrangement should be the priority for any device maker.
You can read the full details on docs.microsoft.com.
