Dangerous vulnerabilities found in 34 Windows drivers: They can allow complete control over the system

November 6, 2023  22:20

There are 34 dangerous vulnerabilities in Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers for legacy devices that could allow attackers to take control of the system. These vulnerabilities were discovered and documented by VMware Carbon Black security researcher Takahiro Haruyama.

Vulnerable drivers include products from AMD, Intel, NVIDIA, Dell and Phoenix Technologies.

As reported by Tomshardware.com, exploiting these vulnerabilities could give attackers complete control over the system. The researcher created PoC exploits for some of the vulnerabilities to demonstrate how they could be used to modify the BIOS or escalate privileges on the system.

Some of the affected drivers have expired signatures, but the list also includes drivers with valid signatures. More detailed information about the research, along with the IDAPython script used to automate the search for vulnerable drivers, can be found on the VMware developer blog.

The researcher also notified vendors about the vulnerabilities found. Although several months have passed since their discovery, so far only AMD and Phoenix Technologies have released patches for the vulnerabilities in the two drivers with valid signatures.


 
 
 
 