News

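In one case, researchers found that attackers appeared to have "weaponized" a Sunlogin (向日葵) vulnerability. They first exploited the Sunlogin software vulnerability to install a PowerShell script, which in turn used the BYOVD technique to make ...
In the second quarter of 2024, the number of systems attacked using the BYOVD technique increased by nearly 23% compared with the previous quarter. Dynamics of attacks using vulnerable drivers "Although these drivers themselves ...
For example, suppose driver A was previously found to be at risk of BYOVD attacks and is already on the list. Now driver B has been found to carry a similar risk, so this update will take driver B and also ...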
BYOVD has been a fact of life for at least a decade. Malware dubbed "Slingshot" employed BYOVD since at least 2012, and other early entrants to the BYOVD scene included LoJax, InvisiMole, and ...
It claimed Microsoft had spotted BYOVD attacks exploiting CVE-2025-0289, an insecure kernel resource access vulnerability in version 17 of Paragon Partition Manager’s BioNTdrv.sys driver. The exploit ...
This BYOVD primer, authored by ESET's Michal Poslušný, lists a host of other known vulnerable drivers that have been used to break Microsoft's DSE. Given the history, you might think that ...
Patch Tuesday fixes BYOVD attack with Windows Kernel Vulnerable Driver Blocklist file. Windows 11 24H2 update causes issues ...
Using the BYOVD technique for privilege escalation has been typical for nation-state actors and ransomware groups, and is rarely observed with info-stealers.
Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel driver blocklist to prevent Bring Your Own Vulnerable Driver (BYOVD ...
After BYOVD exploits were reported in late 2022, Microsoft issued various statements indicating that it was working on the problem, for example telling Ars Technica, “The vulnerable driver list ...