At DEFCON 27 in Las Vegas, there was a talk on how common design flaws have been identified in over 40 kernel drivers from about 20 vendors. In my opinion, it's another example of just how important it is to be thinking about cybersecurity at all times and with all devices.
The common design flaw is that low-privileged applications can use legitimate driver functions to execute malicious actions in the most sensitive areas of the Windows operating system, such as the Windows kernel.
And from Mickey Shkatov, Principal Researcher at Eclypsium:
“There are a number of hardware resources that are normally only accessible by privileged software such as the Windows kernel and need to be protected from malicious read/write from userspace applications.”
“The design flaw surfaces when signed drivers provide functionality which can be misused by userspace applications to perform arbitrary read/write of these sensitive resources without any restriction or checks from Microsoft.”
Check out the full article here for more details!