![]() ![]() In general, the manufacturer of the video card will write a driver or multiple drivers, at least one for each supported operating system. For example, in high-performance computing, it is common to have a separate card or piece of hardware for processing video (video card). It is normal for each device on the computer to have at least one driver. This differentiates them from purely software drivers which are low-level programs that act as filters or perform some other low-level function. Each physical component of a computer is commonly referred to as a device, which is why drivers are commonly referred to as device drivers. What is a driver?Īt an exceedingly high level, drivers are software that allows the operating system to interact with all the different physical parts of a computer. It is intended as a high-level overview introduction to the topic of driver vulnerabilities in Windows. Some driver principles and concepts can be applied across operating systems, but for brevity the scope is limited. ![]() This paper provides an overview of common driver vulnerabilities for currently supported versions of Windows running on x86-64 architecture. The misuse of well-intended segments of code necessary for functionality results in calamity. ![]() In the case of Shamoon, the driver itself could be considered a vulnerability, and in some ways, this is the case with almost all vulnerabilities. The Shamoon/RawDisk driver attack did not use a vulnerability in the driver, it used the driver for the purpose intended, but by a person or group with unscrupulous objectives. This access enabled the malicious actor to erase data at such a large scale, the company was forced to replace practically all hard drives on its network. The attack used RawDisk driver, which could manipulate hard drives from user space without any special permissions. Bring Your Own Vulnerable Driver (BYOVD) techniques are not new they can be traced back at least as far as 2012 and the Shamoon wiper that targeted Saudi Aramco. ![]()
0 Comments
Leave a Reply. |