Microsoft screwed up and approved a driver that was actually malware targeted at gamers

Oops, we guess?


Microsoft had a snafu with its driver signing process and accidentally signed a rootkit that was communicating with servers at China-based IP addresses. Security researchers at G Data first noticed the driver, and Microsoft later confirmed to BleepingComputer that the “Netfilter” driver was erroneously signed.

That’s bad, because the operating system treats any driver with a Microsoft certificate as okay, which lets it install without workarounds. This particular driver seems to have been signed accidentally after the threat actor submitted the malicious code through Microsoft’s usual certification process, the normal route for getting drivers signed.

It’s not clear at this point how the malware got through the signing process, with Microsoft saying that it’s investigating what happened. Microsoft has also said that the driver seemed to be targeting gamers in China specifically, and there are no indications of enterprise-level environments being affected.

The company, Ningbo Zhuo Zhi Innovation Network Technology Co., Ltd, has also had their developer account suspended, with Microsoft rechecking all of their other submissions for further malware.

The big news here isn’t so much the driver, but that it made it through the supposedly secure signing process. That process is one of the trust factors underpinning modern computing environments, and anything eroding that trust makes the world less safe.

It’s not hard to see people delaying software updates or other upgrades based on security fears, and those updates often fix critical security holes.


Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience at KnowTechie, SlashGear and XDA Developers. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere, with particular focus in gadgetry and handheld gaming. Shoot him an email at joe@knowtechie.com.
