Microsoft

Microsoft has released an updated guide on driver security. This new guide offers advice that developers could use to ensure Windows drivers are secured against basic attacks and preventable flaws.

The new guide —also available as a one-document PDF— is authored by Microsoft's Don Marshall and comes to replace an older help page and includes:

→  A security checklist for driver developers
→  A guide on driver threat modeling
→  A guide on how drivers should integrate into the overall Windows security model
→  A tutorial on how to use the Device Guard Readiness Tool to evaluate a driver's Hypervisor-protected Code Integrity (HVCI) compatibility

While the driver security checklist is a must-read for any software developer and not just driver authors, the guide on assessing "threat modeling for drivers" is also something that software engineers should take a peek at.

In particular, threat modeling refers to the process of identifying the points at which a driver could be vulnerable to an attack, what types of attacks could be mounted at each point, and what driver designs are available to thwart each attack.

Combining the knowledge shared in these first two documents will help driver developers understand basic principles of driver security design they could apply on any OS.

Drivers are a glaring target for many attackers

While many readers may not be aware, drivers are a crucial attack surface to ***all*** operating systems [1], not just Windows.

Drivers are a bridge between the hardware, software, and data on the computer or network. When installed, drivers usually receive system-level privileges in order to interact with all the needed components.

Attacks on drivers are often the easiest way an attacker could gain system-level privileges or execute malicious (remote) code within previously unreachable portions of an OS, such as the kernel.

AS such, protecting drivers with proper security-minded design must be an utmost priority for any OS maker, as it could undo or bypass many of its internal security features.