Obsolete drivers: malicious code with more rights like the Admin

The risk of outdated and poor-quality drivers is very high.

It is known that outdated drivers pose a security risk. Because each update also updates new security patches and closes possible entry gates for hackers. But even poorly programmed driver code is a serious source of danger. And this is unfortunately widespread.

Major manufacturers are also affected

At DEF CON, the world’s largest hacking and computer security event, security firm Eclypsium showed how underestimated and widespread the threat of vulnerable driver code is. According to them, they found dangerous vulnerabilities in over 40 drivers from over 20 vendors – including big names like ASRock, ASUS, Biostar, Intel, Toshiba, NVIDIA, and Huawei:

https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/

https://eclypsium.com/wp-content/uploads/2019/08/EXTERNAL-Get-off-the-kernel-if-you-cant-drive-DEFCON27.pdf

Malicious code with all rights

The fatal thing about these vulnerabilities: Attacks that use this driver vulnerability are incomparably more effective and dangerous than normal hacker attacks because they can easily reach the core of the operating system. In this way, attackers can obtain ring-0 or kernel rights on a system and even anchor the malicious code in the BIOS. This gives you more rights and options than any system administrator. Security software then has no chance. Even a formatting of the hard disk, a new installation of the operating system or even an exchange of the hard disks is then ineffective.

Faulty drivers alone are not sufficient

For this to happen, another condition must be met in addition to the vulnerable driver (and there is currently enough of that in an average Windows system). There must be malicious code on the computer – whereby it is sufficient here if it is equipped only with simple “user rights”. It is only through the weak point of the driver that the “malicious code with limited possibilities” becomes this dangerous and almost invincible weapon, which de facto makes all your hardware unusable.

Obsolete Drivers: What You Can Do

The exact weaknesses of their drivers are now known to the manufacturers. The affected drivers were often the same programming error that will be fixed with the next driver update.

If you are using a driver from one of the following companies, do not miss the upcoming updates.

ASRock
ASUSTeK Computer
ATI Technologies (AMD)
Biostar
EVGA
Getac
GIGABYTE
Huawei
Insyde
Intel
Micro-Star International (MSI)
NVIDIA
Phoenix Technologies
Realtek Semiconductor
SuperMicro
Toshiba

In addition, there are other manufacturers and companies that have similarly vulnerable drivers on the market, or in many Windows systems. These have not yet been mentioned by Eclypsium. These are presumably companies whose drivers are used in sensitive areas – and hackers should not be animated additionally.

However, as a Windows user it is generally worthwhile to update all drivers in the coming weeks.

The SecuPerts Driver Updater provides information and helps

If you are using the SecuPerts Driver Updater, you should use it to regularly check that your drivers are up to date in the coming weeks. This is just one click and you save yourself the daily research on the manufacturer’s website. And you can be sure: As soon as there are new drivers and the security gaps are closed, you will be one of the first to know – and do the update with just a few clicks.

Thomas Palme

15:18 16 Jul 19

Haber am 27.06.2019 das Forensic System- auf einen 16GB USB 3,0 Stick gekauft. Heute ist der 16.07.2019 (drei Wochen später) und habe immer noch nichts erhalten und auf meine e-mail erhalte ich auch keine Antwort. Anrufen hilft auch nicht da keiner antwortet. VORSICHT ist angesagt hier wer etwas kaufen will !!!

Patrick Aschenbrenner

10:58 07 Nov 17

Für den freundlichen Kundenservice gibt’s 5 Sterne. Danke für ihre ausgiebige Beratung. Produkt ist super und Preis ist fair.

Hans Möller

09:31 01 Nov 17

Photomizer 3 Premium bestellt. Für Fotofreaks ein Muss. Das ist einfach genial. Habe es auch ziemlich schnell zugeschickt bekommen.

David Schleicher

07:20 12 Oct 17

Ich habe mir die Moviejack Lizenz für ein Jahr im Shop bestellt. Funktioniert echt super und kinderleicht. Mein Paket wurde schnell geliefert.

Michael John78

10:07 24 Oct 17

SecuPerts kann ich bestens empfehlen. Hält mir lästige Viren usw. vom Hals.

Volkan Mollaahmetoglu

07:59 17 Oct 17

Mit photomizer sehen meine Fotos wirklich toll aus. Bin ein langjähriger Fan!

Connor Heidfeld

08:22 18 Oct 17

Daumen hoch für diesen Shop. Ich wurde total nett am Telefon beraten und meine Ware kam 2 Tage nach Bestellung bei mir an.

Forman Willis

01:57 13 Dec 19

As a website designer using Photomizer 3 Premium, It's a great tool to edit images and well worth the money spent. Constant free updates, unlike so many other software sellers. Good job guys...AAA+

Bastian Elfenkämper

21:17 18 Jan 20

Wirklich extrem unhöflich, die Mitarbeiter behandeln einen wie "untermenschen" als wäre man es nicht wert in der Sprache Respektiert zu werden. Nie wieder werde ich hier den Kontakt aufnehmen.

Bilal Kas

21:34 18 Jan 20

Mir wurde ca Anfang von Dezember zu einem Praktikum zugesagt, jetzt wurde mir, 2 Wochen vor Ende Januar eine Absage mitgeteilt, Das Praktikum beginnt Anfang Februar, was mir jetzt sehr große Schwierigkeiten bereitet.

Todd Scheitler

18:08 21 Jan 20

I've had the pleasure of knowing about Engelmann software for several years now. Until the other day I have never needed to contact support for any reason. Well, I finally needed to reach out to them, and even though they are on another continent they responded a whole lot faster than companies right here in the states. I was not expecting to hear form them for at least a couple of days. Imagine my surprise when waiting for me in my inbox in less than 24 hours Tim from Engelmann had a solution to my problem already. They are on top of customer service which is so rare these days. I didn't have to deal with computer AIs trying to assist me I had a human and that human was there right away with the solution. My thanks go out to Engelmann for great software, but even more thanks to Tim, as you made my day a whole lot better!!!

Adolf Hombracher

22:25 24 Jan 20

Die Qualität lässt zu wünschen übrig

Pauline Müller

22:47 24 Jan 20

Ich habe seit einer längeren Zeit nach einer neuen Software gesucht und muss leider gestehen, dass die Preise hier viel zu teuer sind, für meinen Geschmack. Ich hoffe Sie reduzieren die Peise für Ihre Produkte ein wenig in der Zukunft.

Seris Leonidas

12:00 27 Jan 20

The reason for looking at photo editing tools was to find an easy solution that would enable me to adjust my daughter's graduation photos. Photomiser was a good choice as it provides a great number of easy to use features and in my mind is simpler to use than the famous Photoshop. There was however one facility that I was particularly looking for which, sadly, is not available within this programme. I did have some issues during the installation and this is when Tim stepped in to offer assistance that also included remote access His patience, time and energy and his professionalism were truly outstanding. So if anyone wonders how good the after-sale support is, I can give it full marks and my endorsement

Peter Hillebrand

09:42 30 Jan 20

Die Betreuung und Hilfe durch Ihren Herrn Stoepler war hervorragend und nicht mehr zu überbieten. Ich danke ganz herzlich dafür, dass ich nunmehr das richtige Abo von TuneUP 2020 unbegrenzt benutzen kann.

Lajos Fejes

18:32 10 Feb 20

Besondere DANK für ihre schnelle Lösung meinem Problem Herr Tim Stoepler.

Maike Schweim

17:21 06 Mar 20

Movie Jack gekauft und funktioniert nicht, sollte Update kommen, aber alles nur leere Versprechungen. 20 Euro für Nichts!

Robin Griffiths

16:25 11 Jun 20

OnLineTV software. Very disappointing. I bought this as a package with other software. But apart from being able to access a limited number of TV channels in the USA (apart from some in the UK) is others TV stations are a bizarre mix and very limited. It is supposed to over a search option - but that doesn't work. In spite of trying several times I haven't as yet managed to find it useful at all. I would like to access TV channels in Canada and Thailand. - bit nothing ever comes up. Search never works, The only extra station available are German ones. It mentions about finding and adding stations - but it is totally impossible to find any to add to the meagre list of ones included in the programs. I just struggle to find any real use for this, I would be happy to upgrade that the later version seems to offer an ever more bizarre list of TV stations. Sorry - just wish I could add something positive but it just hasn't worked for me - nothing in it radio stations TV newspapers -

Lar P

16:38 23 Apr 22

I have been a user of Photomizer for years now. I am not a photographer; however, I have a graphics program and understand the basic of images. Not sure how I bought this, probably via a 'You can't lose sale" somewhere, so I bought it – wow! – so easy to use, and so helpful – the default settings are wonderful for clearing/cleaning an image, then you can fine tune it too if need be – the split screen view (before after), which you can move horizontally, is amazing – this is a wonderful must have software if you are website developer or just and amateur image editor – recently I moved to a new laptop and my key became no good – one email, same day service, and it was fixed – NICE!

Les Bodok

14:24 16 Jan 22

Tim Stoepler was very understanding and invested considerable time to resolve an issue. His efforts were very much appreciated and I have no problem purchasing future products from the site.

Nikki Schlagsahne

11:38 18 Aug 22

Super Service