Tech Giant Microsoft Approved Malicious Malware from China

Tech giant Microsoft recently signed Netfilter, a third-party driver containing rootkit malware. The driver was detected communicating with command and control servers in China. Despite this, it somehow passed Microsoft’s Windows Hardware Compatibility Program (WHCP).

Creators of operating systems, including Microsoft, use code signing to confirm the software author and ensure that no user has altered or corrupted the code. Essentially, it’s to help users avoid malicious software. Once signed, the driver software gains full access to act as a gateway between the OS and hardware devices.

Hence, Microsoft’s approval of Netfilter might pose a massive threat to the security of users of this OS. It is unclear how the driver bearing the rootkit malware made it through Microsoft’s code signing and certification process. The only precise information so far is that it circulated only in the gaming community.

Security researcher Karsten Hahn initially flagged the driver as a false positive but later proved that it wasn’t. Following this event, Microsoft confirmed the mistake and immediately suspended the account associated with the driver.

Microsoft has since been investigating the incident, hoping this will help it further refine the certification process. According to its latest statement, there is no evidence that the malware developers actually stole the certificates.

The malware also did not target enterprise users or any other users outside China. According to Microsoft, gamers use the malware to gain an advantage over other players and for geo-location spoofing, and it only works after a player account has already been compromised.

The malware is inactive unless installed on a PC by threat actors with administrator-level privileges or by the end users themselves. For these reasons, Microsoft confirms that Netfilter doesn’t pose any significant threat.

To resolve the issue, Microsoft continues to investigate and patch all known security threats. The company confirmed that users would get clean drivers through Windows Update. Following this incident, the tech giant assures the public that the impact is minimal and that the malware only targets gamers in China.


Anne is a certified digital marketing strategist, a behavioral coach, and a technology guru. She has spent most of her life managing people from all walks of life until she decided to turn her passion for tech into a reality. As she is now a master of all things technology in the SEO world, managing is her dream come true. She is also a proud mom to a future psychologist, and she loves to cook, cook, and cook some more!
