Bug hunters at the VMware Threat Analysis Unit (TAU) discovered 34 unique vulnerable Windows drivers, with 237 different file hashes belonging to legacy devices. Even though many of these drivers have revoked or expired security certificates, companies and other organizations are still using them to support old hardware across various industries.
VMware’s TAU discovered this “unique” attack vector by implementing a static analysis automation script, finding that 30 WDM and 4 WDF drivers with firmware access could provide full control of devices to non-admin users.
