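News
In one case, researchers found that attackers had apparently "weaponized" a Sunlogin (向日葵) vulnerability. They first exploited the Sunlogin software vulnerability to install a PowerShell script, which in turn used the BYOVD technique to make ...
In the second quarter of 2024, the number of systems attacked using the BYOVD technique increased by nearly 23% compared with the previous quarter. Dynamics of attacks that use vulnerable drivers: "Although these drivers themselves ...
Even if Paragon Partition Manager is not installed, users can still be exposed to BYOVD attacks, so Microsoft has updated its "Vulnerable Driver Blocklist" to stop Windows from loading the problematic driver.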
BYOVD has been a fact of life for at least a decade. Malware dubbed "Slingshot" employed BYOVD since at least 2012, and other early entrants to the BYOVD scene included LoJax, InvisiMole, and ...
It claimed Microsoft had spotted BYOVD attacks exploiting CVE-2025-0289, an insecure kernel resource access vulnerability in version 17 of Paragon Partition Manager’s BioNTdrv.sys driver. The exploit ...
Using the BYOVD technique for privilege escalation has been typical for nation-state actors and ransomware groups, and is rarely observed with info-stealers.
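From MSN, February
Glodon (广联达) users hit by mass blue screens: who is to blame? - MSN. For example, if driver A was previously found to be at risk of BYOVD attacks, it is already on the list. If driver B is now found to carry a similar risk, this update will also put driver B ...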
This BYOVD primer, authored by ESET's Michal Poslušný, lists a host of other known vulnerable drivers that have been used to break Microsoft's DSE. Given the history, you might think that ...
Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel driver blocklist to prevent Bring Your Own Vulnerable Driver (BYOVD ...
May
XDA Developers on MSN: January 2025's Patch Tuesday introduces a security fix and breaks Roblox for some reason - MSN. Patch Tuesday fixes BYOVD attack with Windows Kernel Vulnerable Driver Blocklist file. Windows 11 24H2 update causes issues ...