Vulnerable drivers can cause harm to your Windows computer. To protect your PC from vulnerable drivers, Microsoft has now introduced the Vulnerable Driver Blocklist in Windows Security. This feature can block vulnerable drivers from running on your computer system. In this post, we will show you how to turn on or off Microsoft Vulnerable Driver Blocklist in Windows 11/10.
Microsoft introduced this feature as an optional feature in Windows 10 v1809. Now starting with Windows 11 22H2, the blocklist is enabled by default on all devices.
While the Windows Defender Application Control feature already helps protect your computer against vulnerable applications, this new feature is meant to enable a more aggressive blocklist that includes vulnerable drivers as well. This blocklist is enabled on systems that have Hypervisor-protected Code Integrity enabled or run Windows in S Mode. With this feature enabled, if Windows blocks a driver, it could cause devices or software to malfunction or lead to system instability and even a BSOD – so you need to monitor your system performance and turn off the feature if it creates issues.
How to disable Microsoft Vulnerable Driver Blocklist in Windows 11
Windows now has a blocklist of drivers that have known security vulnerabilities, have been signed with certificates that have been used to sign malware, or that circumvent the Windows Security Model. Microsoft Vulnerable Driver Blocklist will block such insecure or vulnerable drivers.
To enable or disable Microsoft Vulnerable Driver Blocklist in Windows 11 22H2 and later, follow these steps:
- Search for and open Windows Security using the search bar
- On the left, you will see Device Security
- Click on it to open it
- Next, click on the Core Isolation details link
- Here you will see the setting to toggle on Microsoft Vulnerable Driver Blocklist
- Set it to On or Off and exit.
- Restart your computer for the changes to take effect.
How to turn off Microsoft Vulnerable Driver Blocklist in Windows 10:
To turn on or off Microsoft Vulnerable Driver Blocklist in Windows 10:
- Press Win+I to open Windows Settings
- Go to Update & Security > Windows Security
- Open Windows Security
- Click on Device Security > Core Isolation
- Finally, toggle on Microsoft Vulnerable Driver Blocklist
- Restart your PC.
Disable Vulnerable Driver Blocklist on Windows 11 21H2:
To disable it on earlier Windows 11 versions, you can:
- Turn off memory integrity (HVCI), if applicable
- Disable Windows in S Mode
The feature is still being rolled out to all, so if you do not see it, wait for it to be offered to your system.
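To confirm the setting after the restart, or to check it on several machines, the state can also be read from PowerShell. This is an added example, not part of the original article; the registry value name, the Device Guard WMI class and the use of Code Integrity event ID 3077 are assumptions about where Windows records this state, and the script only reads.

```powershell
# Added example: read-only report of the driver blocklist state on this PC.
# Run from an elevated PowerShell prompt. Nothing is modified.

function Get-DriverBlocklistState {
    # Assumption: the Windows Security toggle is stored in this registry value
    # (1 = on, 0 = off). A missing value means the OS default applies.
    $ciConfig = 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config'
    $toggle = (Get-ItemProperty -Path $ciConfig -Name 'VulnerableDriverBlocklistEnable' `
        -ErrorAction SilentlyContinue).VulnerableDriverBlocklistEnable
    $state = if ($null -eq $toggle) { 'Not set (OS default)' }
             elseif ($toggle -eq 0) { 'Off' }
             else { 'On' }

    # Memory integrity (HVCI) shows up as service 2 in SecurityServicesRunning.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
        -ClassName 'Win32_DeviceGuard' -ErrorAction SilentlyContinue
    $hvciRunning = [bool]($dg -and ($dg.SecurityServicesRunning -contains 2))

    [pscustomobject]@{
        ComputerName    = $env:COMPUTERNAME
        OSBuild         = [Environment]::OSVersion.Version.Build
        BlocklistToggle = $state
        HvciRunning     = $hvciRunning
    }
}

function Get-RecentDriverBlocks {
    param([int]$Days = 7)
    # Assumption: blocks made by an enforced code integrity policy, including
    # the driver blocklist, are logged as event 3077 in this log.
    $filter = @{
        LogName   = 'Microsoft-Windows-CodeIntegrity/Operational'
        Id        = 3077
        StartTime = (Get-Date).AddDays(-$Days)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message
}

Get-DriverBlocklistState | Format-List
$blocks = @(Get-RecentDriverBlocks -Days 7)
if ($blocks.Count -eq 0) {
    'No enforced code integrity blocks logged in the last 7 days.'
} else {
    $blocks | Format-List
}
```

If a device or program stopped working after the blocklist was turned on, the Message field of any listed event names the file that was refused, which tells you which driver to update before considering turning the feature off.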
Why can’t Windows load my drivers?
If the Memory integrity setting in Windows Security blocks the driver, this can happen. You need to make sure that the driver is digitally signed and downloaded from the official source. If this does not help, you may turn off the Memory integrity setting.
How do I use Microsoft recommended block rules?
From time to time, Microsoft identifies and updates a list of valid applications that an attacker could use to bypass Windows Security. Microsoft recommends that you block the vulnerable exe processes on this list, as they could potentially circumvent Windows Defender Application Control.