Privacy and Security Enable or Disable Microsoft Vulnerable Driver Blocklist in Windows 11

  • Thread starter Thread starter Brink
  • Start date Published: Start date Updated Updated:
  • Tags Tags
    driver

Windows_Security_banner.png

This tutorial will show you how to turn on or off the Microsoft Vulnerable Driver Blocklist for all users in Windows 10 and Windows 11.

Starting with Windows 10 (KB5018482) and Windows 11 (KB5018483 and KB5018496), the Microsoft Vulnerable Driver Blocklist is enabled by default.

The vulnerable driver blocklist is also enforced when either memory integrity (also known as hypervisor-protected code integrity or HVCI), Smart App Control, or S mode is active. Users can opt in to HVCI using the Windows Security app, and HVCI is on by-default for most new Windows 11 devices.

The vulnerable driver blocklist is designed to help harden systems against third party-developed drivers across the Windows ecosystem with any of the following attributes:
  • Known security vulnerabilities that can be exploited by attackers to elevate privileges in the Windows kernel
  • Malicious behaviors (malware) or certificates used to sign malware
  • Behaviors that aren't malicious but circumvent the Windows Security Model and can be exploited by attackers to elevate privileges in the Windows kernel
References:

KB5020779—The vulnerable driver blocklist after the October 2022 preview release - Microsoft Support

support.microsoft.com support.microsoft.com
learn.microsoft.com

Microsoft recommended driver block rules

View a list of recommended block rules to block vulnerable third-party drivers discovered by Microsoft and the security research community.
learn.microsoft.com


You must be signed in as an administrator to turn on or off the Microsoft Vulnerable Driver Blocklist


The option to turn Microsoft's vulnerable driver blocklist on or off using the Windows Security app is grayed out when HVCI (Memory Integrity), Smart App Control, or S mode is enabled.

You must disable HVCI (Memory Integrity) or Smart App Control, or switch the device out of S mode, and restart the computer before you can turn off the Microsoft vulnerable driver blocklist.



Contents

  • Option One: Turn On or Off Microsoft Vulnerable Driver Blocklist in Windows Security
  • Option Two: Turn On or Off Microsoft Vulnerable Driver Blocklist using REG file




Option One

Turn On or Off Microsoft Vulnerable Driver Blocklist in Windows Security


1 Open Windows Security.

2 Click/tap on Device security on the left side, and click/tap on the Core isolation details link on the right side. (see screenshot below)

Microsoft_Vulnerable_Driver_Blocklist-1.png

3 Turn on (default) or off Microsoft Vulnerable Driver Blocklist for what you want. (see screenshot below)

Microsoft_Vulnerable_Driver_Blocklist-3.png

4 If prompted by UAC, click/tap on Yes to approve.

5 You can now close Windows Security if you like.




Option Two

Turn On or Off Microsoft Vulnerable Driver Blocklist using REG file


1 Do step 2 (on) or step 3 (off) below for what you want.

2 Turn On Microsoft Vulnerable Driver Blocklist

This is the default setting.


A) Click/tap on the Download button below to download the REG file below, and go to step 4 below.​

Turn_ON_Microsoft_Vulnerable_Driver_Blocklist.reg


(Contents of REG file for reference)
Code: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config]
"VulnerableDriverBlocklistEnable"=dword:00000001

3 Turn Off Microsoft Vulnerable Driver Blocklist

A) Click/tap on the Download button below to download the REG file below, and go to step 4 below.​

Turn_OFF_Microsoft_Vulnerable_Driver_Blocklist.reg


(Contents of REG file for reference)
Code: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config]
"VulnerableDriverBlocklistEnable"=dword:00000000

4 Save the .reg file to your desktop.

5 Double click/tap on the downloaded .reg file to merge it.

6 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

7 You can now delete the downloaded .reg file if you like.


That's it,
Shawn Brink
 

Attachments

Last edited:
Click to expand...
As I look into my crystal ball... I foresee a time when there will be shady characters on the street corner saying: "Pssst, hey man, you want to buy a way to Disable Microsoft Vulnerable Driver Blocklist?"


@Brink

There should be an auto-award system for tutorials, based on number of downloads.
Cause this one will surely hit platinum. :-)


Seems to be a well-balanced article...
www.itprotoday.com

Should You Use Microsoft Vulnerable Driver Blocklist?

Microsoft Vulnerable Driver Blocklist lets users block vulnerable hardware device drivers. Before using this Windows security feature, considers these risks.
www.itprotoday.com www.itprotoday.com
 
Last edited:

My Computers

System One System Two

  • OS
    Win 11 Home ♦♦♦26100.3624 ♦♦♦♦♦♦♦24H2 ♦♦♦non-Insider
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® [May 2020]
    CPU
    AMD Ryzen 7 3700X
    Motherboard
    Asus Pro WS X570-ACE (BIOS 5002)
    Memory
    G.Skill (F4-3200C14D-16GTZKW)
    Graphics Card(s)
    EVGA RTX 2070 (08G-P4-2171-KR)
    Sound Card
    Realtek ALC1220P / ALC S1220A
    Monitor(s) Displays
    Dell U3011 30"
    Screen Resolution
    2560 x 1600
    Hard Drives
    2x Samsung 860 EVO 500GB,
    WD 4TB Black FZBX - SATA III,
    WD 8TB Black FZBX - SATA III,
    DRW-24B1ST CD/DVD Burner
    PSU
    PC Power & Cooling 750W Quad EPS12V
    Case
    Cooler Master ATCS 840 Tower
    Cooling
    CM Hyper 212 EVO (push/pull)
    Keyboard
    Ducky DK9008 Shine II Blue LED
    Mouse
    Logitech Optical M-100
    Internet Speed
    300/300
    Browser
    Firefox (latest)
    Antivirus
    Bitdefender Internet Security
    Other Info
    Speakers: Klipsch Pro Media 2.1
  • Operating System
    Windows XP Pro 32bit w/SP3
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® (not in use)
    CPU
    AMD Athlon 64 X2 5000+ (OC'd @ 3.2Ghz)
    Motherboard
    ASUS M2N32-SLI Deluxe Wireless Edition
    Memory
    TWIN2X2048-6400C4DHX (2 x 1GB, DDR2 800)
    Graphics card(s)
    EVGA 256-P2-N758-TR GeForce 8600GT SSC
    Sound Card
    Onboard
    Monitor(s) Displays
    ViewSonic G90FB Black 19" Professional (CRT)
    Screen Resolution
    up to 2048 x 1536
    Hard Drives
    WD 36GB 10,000rpm Raptor SATA
    Seagate 80GB 7200rpm SATA
    Lite-On LTR-52246S CD/RW
    Lite-On LH-18A1P CD/DVD Burner
    PSU
    PC Power & Cooling Silencer 750 Quad EPS12V
    Case
    Generic Beige case, 80mm fans
    Cooling
    ZALMAN 9500A 92mm CPU Cooler
    Mouse
    Logitech Optical M-BT96a
    Keyboard
    Logitech Classic Keybooard 200
    Internet Speed
    300/300
    Browser
    Firefox 3.x ??
    Antivirus
    Symantec (Norton)
    Other Info
    Still assembled, still runs. Haven't turned it on for 15 years?
Hi,
Guessing I'll be fourth +- a grand :lmao:
 

My Computer

System One

  • OS
    Win-7-10-11Pro's
    Computer type
    PC/Desktop
    Manufacturer/Model
    Acer 17" Nitro 7840sn/ 2x16gb 5600c40/ 4060/ stock 1tb-os/ 4tb sn850x
    CPU
    10900k & 9940x & 5930k
    Motherboard
    z490-Apex & x299-Apex & x99-Sabertooth
    Memory
    Trident-Z Royal 4000c16 2x16gb & Trident-Z 3600c16 4x8gb & 3200c14 4x8gb
    Graphics Card(s)
    Titan Xp & 1080ti FTW3 & evga 980ti gaming
    Sound Card
    Onboard Realtek x3
    Monitor(s) Displays
    1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
    Screen Resolution
    1920-1080 not sure what the t.v is besides 43" class scales from 1920-1080 perfectly
    Hard Drives
    2-WD-sn850x 4tb/ 970evo+500gb/ 980 pro 2tb.
    PSU
    1000p2 & 1200p2 & 850p2
    Case
    D450 x2 & 1 Test bench in cherry Entertainment center
    Cooling
    Custom water loops x3 with 2x mora 360mm rads only 980ti gaming air cooled
    Keyboard
    G710+x3
    Mouse
    Redragon x3
    Internet Speed
    xfinity gigabyte
    Browser
    Firefox
    Antivirus
    mbam pro

My Computers

System One System Two

  • OS
    Win 11 Home ♦♦♦26100.3624 ♦♦♦♦♦♦♦24H2 ♦♦♦non-Insider
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® [May 2020]
    CPU
    AMD Ryzen 7 3700X
    Motherboard
    Asus Pro WS X570-ACE (BIOS 5002)
    Memory
    G.Skill (F4-3200C14D-16GTZKW)
    Graphics Card(s)
    EVGA RTX 2070 (08G-P4-2171-KR)
    Sound Card
    Realtek ALC1220P / ALC S1220A
    Monitor(s) Displays
    Dell U3011 30"
    Screen Resolution
    2560 x 1600
    Hard Drives
    2x Samsung 860 EVO 500GB,
    WD 4TB Black FZBX - SATA III,
    WD 8TB Black FZBX - SATA III,
    DRW-24B1ST CD/DVD Burner
    PSU
    PC Power & Cooling 750W Quad EPS12V
    Case
    Cooler Master ATCS 840 Tower
    Cooling
    CM Hyper 212 EVO (push/pull)
    Keyboard
    Ducky DK9008 Shine II Blue LED
    Mouse
    Logitech Optical M-100
    Internet Speed
    300/300
    Browser
    Firefox (latest)
    Antivirus
    Bitdefender Internet Security
    Other Info
    Speakers: Klipsch Pro Media 2.1
  • Operating System
    Windows XP Pro 32bit w/SP3
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® (not in use)
    CPU
    AMD Athlon 64 X2 5000+ (OC'd @ 3.2Ghz)
    Motherboard
    ASUS M2N32-SLI Deluxe Wireless Edition
    Memory
    TWIN2X2048-6400C4DHX (2 x 1GB, DDR2 800)
    Graphics card(s)
    EVGA 256-P2-N758-TR GeForce 8600GT SSC
    Sound Card
    Onboard
    Monitor(s) Displays
    ViewSonic G90FB Black 19" Professional (CRT)
    Screen Resolution
    up to 2048 x 1536
    Hard Drives
    WD 36GB 10,000rpm Raptor SATA
    Seagate 80GB 7200rpm SATA
    Lite-On LTR-52246S CD/RW
    Lite-On LH-18A1P CD/DVD Burner
    PSU
    PC Power & Cooling Silencer 750 Quad EPS12V
    Case
    Generic Beige case, 80mm fans
    Cooling
    ZALMAN 9500A 92mm CPU Cooler
    Mouse
    Logitech Optical M-BT96a
    Keyboard
    Logitech Classic Keybooard 200
    Internet Speed
    300/300
    Browser
    Firefox 3.x ??
    Antivirus
    Symantec (Norton)
    Other Info
    Still assembled, still runs. Haven't turned it on for 15 years?
22H2 22621.1485 with MBAM free

I cannot enable MS vulnerable driver blocklist. I read it is enabled by default. I have ennabled virtualization in UEFI.
I am not too techy so if it should be enabled is there a relatively easy way to do this?
I read smart app control cannot be enabledd so which is better to enablee? I think smart app is ennabled but don't know where it is.
 

My Computer

System One

  • OS
    Windows 11 pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    ASUS built by Micro center
    CPU
    Intel Core i9- 12900K Alder Lake 3.2 GHz LGA1700
    Motherboard
    Asus prime Z790-v WI FI Intel LGA1700 ATX
    Memory
    G-Skill Ripjaws S5 32GB
    Graphics Card(s)
    NVIDIA GEForce GTX1616 Super dual fan
    Hard Drives
    Samsung 500GB 860 EVO
    PSU
    Thermalake 500 Watt
    Case
    V 100ATX
    Antivirus
    Defender primary with MBAM free secondary
Anyway to create an exception or whitelist for leaving the vulnerable driver blocklist on?
 

My Computer

System One

  • OS
    Win 11 Pro
It's getting crazier all the time; currently with (Win 11) 24H2 Build 26100.3194. That option is always greyed out no matter what the setting inside the registry is. I am using an Logitech G19 Keyboard which has a display build in. I have got a newer version of driversoftware from 2022 where the remark is
  • Updated drivers for Windows 10 and 11 code integrity(HVCI) compatibility
Despite that claim Microsoft don't trust that driver at all. Keyboard and Hub are functioning. But the display is blank. (By default my display shows the CPU and Memory usage of the system) Tinkered with all kind settings but to no reveal. Found one solution that worked; Turning off the memory integrity all together. I am not very happy with this but it was the only setting that turned off that damned driver blocklist inside Windows. Crazy I know.... The only thing that's turn on is "Security local securityinstances" OK my keyboard is dated but it's still doing fine. And who is Microsoft to block the drivers of that keyboard. Yeah... Buy a new keyboard. Sorry that model does not have a modern equivalent. Keyboards now must be cheap as possible so sorry; no display.

If only that option was to turn it off or on all the time that would solved it. Now I must turn off a bigger important thing. Madness. 😒😒
 

My Computer

System One

  • OS
    Win 11 Pro 24H2 Build 26100.3624, RHEL 9,5
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self built
    CPU
    Intel® Core™ i7-12700KF 12th Gen.
    Motherboard
    ASUS Prime Z690-A, BIOS v4101
    Memory
    32GB DDR5 5600-36 Vengeance
    Graphics Card(s)
    PCIe5.0 Asus NVIDIA RTX3060Ti
    Sound Card
    Onboard; Realtek
    Monitor(s) Displays
    34" LG 34UC79G-B Curved 21:9 144Hz
    Screen Resolution
    2560x1080 (No HDR)
    Hard Drives
    250Gb Samsung 870PRO NVMe
    1Tb Samsung 980PRO NVMe
    1Tb Samsung 970EVO NVMe
    4Tb WDC WD40EZRZ SATA (Int.)
    4Tb WDC WD40EZRZ USB3.0 (Ext.)
    256 Samsung 840PRO SSD (RHEL 9,5)
    PSU
    Coolermaster 850W V2 Gold with internal 12cm exaust fan
    Case
    Inter-Tech B-48 ATX
    Cooling
    2x be quiet! 12cm "Silent Wings 4" casefans, 1x Arctic Freezer i35 CPU towerblock
    Keyboard
    Logitech LG-19
    Mouse
    Logitech G-502 Hero
    Internet Speed
    1Gb
    Browser
    Google Chrome
    Antivirus
    F-Secure
    Other Info
    No Noise system.
    256Gb Kingston Travler USB 3.0 drive.
    8Gb Philips USB 3.0 drive. (Win. Inst.)
    8Gb Philips USB 3.0 drive. (Rescue disk)
    2Tb WD USB 3.0 Passport drive.
    External USB 3.0 C.A. CD/DVD* burner.

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender
Brink said:
Hello @hader, :alien:

The option to turn Microsoft's vulnerable driver blocklist on or off using the Windows Security app is grayed out when HVCI (Memory Integrity), Smart App Control, or S mode is enabled.

You must disable HVCI (Memory Integrity) or Smart App Control, or switch the device out of S mode, and restart the computer before you can turn off the Microsoft vulnerable driver blocklist.

Click to expand...
Thanks for the additional info.

In my case; Smart App Control was already off. (Can't turn this on without reinstalling windows again) Nothing in S mode.

So in order to turn off the Microsoft vulnerable driver blocklist I had to turn the Memory Integrity also off.
As long as this was on the switch "Microsoft vulnerable driver blocklist" was greyed out and turned on.
 

My Computer

System One

  • OS
    Win 11 Pro 24H2 Build 26100.3624, RHEL 9,5
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self built
    CPU
    Intel® Core™ i7-12700KF 12th Gen.
    Motherboard
    ASUS Prime Z690-A, BIOS v4101
    Memory
    32GB DDR5 5600-36 Vengeance
    Graphics Card(s)
    PCIe5.0 Asus NVIDIA RTX3060Ti
    Sound Card
    Onboard; Realtek
    Monitor(s) Displays
    34" LG 34UC79G-B Curved 21:9 144Hz
    Screen Resolution
    2560x1080 (No HDR)
    Hard Drives
    250Gb Samsung 870PRO NVMe
    1Tb Samsung 980PRO NVMe
    1Tb Samsung 970EVO NVMe
    4Tb WDC WD40EZRZ SATA (Int.)
    4Tb WDC WD40EZRZ USB3.0 (Ext.)
    256 Samsung 840PRO SSD (RHEL 9,5)
    PSU
    Coolermaster 850W V2 Gold with internal 12cm exaust fan
    Case
    Inter-Tech B-48 ATX
    Cooling
    2x be quiet! 12cm "Silent Wings 4" casefans, 1x Arctic Freezer i35 CPU towerblock
    Keyboard
    Logitech LG-19
    Mouse
    Logitech G-502 Hero
    Internet Speed
    1Gb
    Browser
    Google Chrome
    Antivirus
    F-Secure
    Other Info
    No Noise system.
    256Gb Kingston Travler USB 3.0 drive.
    8Gb Philips USB 3.0 drive. (Win. Inst.)
    8Gb Philips USB 3.0 drive. (Rescue disk)
    2Tb WD USB 3.0 Passport drive.
    External USB 3.0 C.A. CD/DVD* burner.
hader said:
Thanks for the additional info.

In my case; Smart App Control was already off. (Can't turn this on without reinstalling windows again) Nothing in S mode.

So in order to turn off the Microsoft vulnerable driver blocklist I had to turn the Memory Integrity also off.
As long as this was on the switch "Microsoft vulnerable driver blocklist" was greyed out and turned on.
Click to expand...

Correct. Too bad it can't just be a simple on/off.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender
@Brink,
Hello,
Is there a simple way to see the list of blocked drivers?
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell XPS 8930
    CPU
    Intel I9-9900K
    Memory
    64GB
    Graphics Card(s)
    NVIDIA RTX 2060
    Sound Card
    NVIDIA High Definition Audio
    Monitor(s) Displays
    4k Samsung
    Screen Resolution
    3840 x 2160
    Hard Drives
    512GB NVMe, ADATA SU 800, 2TB HDD
The list of blocked drivers is provided in XML format, for every major Windows release (21H2, 22H2... 24H2).
Microsoft recommended driver block rules

Unfortunately, they're mostly expressed as signed SHA1 or SHA256 hashes, but you can kinda manipulate the XML to get some vendor identifiers.
AGENT64, Agent64
AMIFLDRV, amifldrv64
AMP, System Mechanic CVE-2018-5701
AODDRIVER, AMD AODDriver
ASIO, asio
ASIO, ASIO32.sys
ASIO, ASIO64.sys
ASIO_32, ASIO32.sys
ASIO_64, ASIO64.sys
ASIO3, asio3
ASMMAP, Asus Memory Mapping Driver
ASRDRV10, AsrDrv10.sys
ASRDRV101, AsrDrv101.sys
ASRDRV102, AsrDrv102.sys
ASRDRV103, AsrDrv103.sys
ASRDRV104, asrdrv104
ASRDRV105, AsrDrv105.sys
ASRDRV105, AsrDrv105n.sys
ASRDRV106, AsrDrv106.sys
ASRDRV106, AsrDrv106n.sys
ASRDRV107, AsrDrv107.sys
ASRDRV107, AsrDrv107n.sys
ASRSETUPDRV103, AsrSetupDrv103
ASUPIO64, AsUpIO64.sys
ATILLK, atillk64
BANDAI, bandainamcoonline.sys
BEDAISY, BEDaisy.sys
BS, BS_RCIO64 5651466512138240
BS, BS_RCIO64 73327429c505d8c5fd690a8ec019ed4fd5a726b607cabe71509111c7bfe9fc7e
BS_RCIO, BS_RCIO
BSFLASH64, BS_Flash64.sys
BSHWMIO64, BS_HWMIo64.sys
CAPCOM, capcom.sys
DBK, Cheat Engine Driver
DBUTIL, 32-bit dell dbutil.sys
DBUTIL, 64-bit dell dbutil.sys
DBUTIL, DBUtil.sys
DBUTIL, DBUtil.sys 2.3 x86
DELLBIOS, DellBIOS.sys
DHKERNEL, YY_DhKernel
DIRECTIO, DirectIO32
DIRECTIO, PassMark DirectIo.sys
ECHO, Inspect EchoDriver
ECSIODRV, EliteGroup ECSioDriver
EIO64, Asus EIO64
FH_ETHER, Omron FH-Ether
FIDDRV, fiddrv.sys
FIDDRV64, fiddrv64.sys
FIDPCIDRV, fidpcidrv.sys
FIDPCIDRV64, fidpcidrv64.sys
GDRV, gdrv.sys
GEDEVDRV, GEDevDrv.sys
GLCKIO2, GLCKIO2.sys
GMER, gmer
GVCIDRV, Gigabyte gvcidrv
GVCIDRV64, GVCIDrv64.sys
HW, hw_sys
HWRWDRV, HwRwDrv.sys
INPOUTX, inpoutx
IOACCESS, IoAccess.sys
IOBITUNLOCKER, IoBitUnlocker
IREC, IREC.sys
KERNELD, Firewire kerneld
KLMD, Kaspersky klmd.sys FileRule
LGCORETEMP, lgcoretemp
MHYPROT2, mhyprot2.sys
MHYPROT3, mhyprot3.sys
MHYPROTECT, mhyprotect.sys
MHYPROTNAP, mhyprotnap.sys
MHYPROTRG, mhyprotrpg.sys
MSIO, MsIo.sys
MSR, Datapath msr.sys
MSRHOOK, IDTech MSRHook
NVFLASH, nvflash.sys
NVOCLOCK, nvoclock
OTIPCIBUS, otipcibus.sys
PCHUNTER, PCHunter Driver
PCHUNTER, PCHunter.sys
PDFWKKRNL, AMD PDFWKRNL.sys
PHYDMACC, phydmaccx64
PHYDMACC, PhyDMACCx86.sys
PHYMEM, Shenzhen Moyea Phymem.sys
PHYMEMX, Phymemx64 Memory Mapping Driver
PHYMEMX64, phymemx64
PIDDRV, piddrv.sys
PIDDRV64, piddrv64.sys
PPLKILLER, Niche Technologies pplkiller.sys
PROCESSHACKER, kprocesshacker.sys FileRule
QMBSEC, qmbsec.sys
RENTDRV, Hangzhou RentDrv.sys
RETLIFTEN, 1.sys
RETLIFTEN, 2.sys
RETLIFTEN, 80.sys
RETLIFTEN, 81.sys
RETLIFTEN, b.sys
RETLIFTEN, b1.sys
RETLIFTEN, b3.sys
RETLIFTEN, b4.sys
RETLIFTEN, Black.sys
RETLIFTEN, BlackBoneDrv10.sys
RETLIFTEN, bw.sys
RETLIFTEN, bwrs.sys
RETLIFTEN, bwrsh.sys
RETLIFTEN, c.sys
RETLIFTEN, cpupress.sys
RETLIFTEN, d.sys
RETLIFTEN, d2.sys
RETLIFTEN, d3.sys
RETLIFTEN, d4.sys
RETLIFTEN, full.sys
RETLIFTEN, gameink.sys
RETLIFTEN, GameTerSafe.sys
RETLIFTEN, kbdcap64.sys
RETLIFTEN, LgDCatcher.sys
RETLIFTEN, Lurker.sys
RETLIFTEN, My.sys
RETLIFTEN, netfilterdrv.sys
RETLIFTEN, NetFlt.sys
RETLIFTEN, NetProxyDriver.sys
RETLIFTEN, ni.sys
RETLIFTEN, nstr.sys
RETLIFTEN, nstrwsk.sys
RETLIFTEN, nt2.sys
RETLIFTEN, nt3.sys
RETLIFTEN, nt4.sys
RETLIFTEN, nt5.sys
RETLIFTEN, nt6.sys
RETLIFTEN, ProtectS.sys
RETLIFTEN, Proxy32.sys
RETLIFTEN, Proxy64.sys
RETLIFTEN, t.sys
RETLIFTEN, t3.sys
RETLIFTEN, t7.sys
RETLIFTEN, t8.sys
RETLIFTEN, TestBone.sys
RETLIFTEN, TGSafe.sys
RETLIFTEN, windows7-32.sys
RETLIFTEN, windows8-10-32.sys
RETLIFTEN, windows-xp-64.sys
RETLIFTEN, WYProxy32.sys
RETLIFTEN, WYProxy64.sys
RTCORE, RTCore
RTPORT, Realtek rtport
SEMAV6MSR64, semav6msr64.sys
SEPDRV3, sepdrv3.sys
SKILLER, ITM s4killer
SSPORT, HP SSPORT.sys
SUPERBMC, superbmc.sys
SYSCONP, IBM sysconp.sys
SYSDRV3S, CodeSys SysDrv3S
SYSINFO, Noriyuki Miyazaki SysInfo
TDEIO, Tdeio.sys
TDKLIB, TdkLib.sys
WFSHBR, HyperTech wfshbr64
WINFLASH64, WinFlash64.sys
WINIO, PartnerTech WinIO
WINIO, PartnerTech WinIO32A.sys
WINIO, PartnerTech WinIO32B.sys
WINIO, PartnerTech WinIo64A.sys
WINIO, PartnerTech WinIo64B.sys
WINIO, PartnerTech WinIo64C.sys
WINIO, WinIO
WINKERNEXP, WindowsKernelExplorer.sys
WINRING, iFlyWinRing0x64.sys
WINRING, WinRing0.sys
WINRING, WinRing0_1_2_2.sys
WINRING, WinRing0a64.sys
WINRING, WinRing0x64.sys
WINRING0, WinRing0.sys
Click to expand...
 

My Computer

System One

  • OS
    Windows 7
garlin said:
The list of blocked drivers is provided in XML format, for every major Windows release (21H2, 22H2... 24H2).
Microsoft recommended driver block rules

Unfortunately, they're mostly expressed as signed SHA1 or SHA256 hashes, but you can kinda manipulate the XML to get some vendor identifiers.
Click to expand...
Thanks,
I found that .zip file with the XML, I was trying to see if this specific driver was blocked or not.
Driver for Qualcomm Wi-Fi 7 CM865.
How can I find that out?

learn.microsoft.com

Microsoft recommended driver block rules

View a list of recommended block rules to block vulnerable third-party drivers discovered by Microsoft and the security research community.
learn.microsoft.com
 
Last edited:

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell XPS 8930
    CPU
    Intel I9-9900K
    Memory
    64GB
    Graphics Card(s)
    NVIDIA RTX 2060
    Sound Card
    NVIDIA High Definition Audio
    Monitor(s) Displays
    4k Samsung
    Screen Resolution
    3840 x 2160
    Hard Drives
    512GB NVMe, ADATA SU 800, 2TB HDD
Most drivers don't make this list, it's the really bad ones (or drivers explicitly used to bypass security features). Qualcomm isn't listed, so you're good.

Drivers from larger OEM's normally have good behavior and won't get flagged. If they're flagged, the vendor will work with MS and re-release an updated driver whenever possible. This list is mostly populated by Chinese HW vendors, and kernel drivers from selected software tools.

ASIO is probably one of the legitimate drivers that's tagged on this list.

If the XML doesn't present an explicit file name, you must parse the other fields to get an OEM's name. Windows is really looking for driver file hashes, since a driver file can be easily renamed.
 

My Computer

System One

  • OS
    Windows 7
You must log in or register to reply here.

Similar Windows 11 Tutorials

  • Article Article
Browsers and Mail Enable or Disable Microsoft Edge Surf Game in Windows 11
Replies
0
Views
3K
Brink
Brink
  • Article Article
Browsers and Mail Enable or Disable Scareware Blocker in Microsoft Edge in Windows 11
Replies
1
Views
4K
Brink
Brink
  • Article Article
Apps Enable or Disable Move or Install Apps on Non-System Drives in Windows 11
Replies
0
Views
1K
Brink
Brink
  • Article Article
Browsers and Mail Enable or Disable Automatic Sign in on Microsoft Edge in Windows 11
Replies
0
Views
4K
Brink
Brink
  • Article Article
Browsers and Mail Enable or Disable Bing "Trending Searches" Suggestions in Address Bar of Microsoft Edge
Replies
0
Views
4K
Brink
Brink
  • Article Article
Apps Enable or Disable Recommended Actions from Apps in Windows 11
Replies
0
Views
2K
Brink
Brink
  • Article Article
Browsers and Mail Enable or Disable Collections in Microsoft Edge in Windows 11
Replies
0
Views
3K
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom