Microsoft admits to having mistakenly signed a software driver loaded with rootkit malware

Source: Tech Times

Microsoft Corp. is one of the largest and most well-respected technology companies in the industry, and “silly mistakes” or “negligent behavior” from such established companies are not well received by consumers or industry analysts. The bigger the brand, the more scrutiny it can expect, and a company as big as Microsoft can affect millions of customers with one small error in its functioning.

Having said that, Microsoft has made a mistake and, like a good, responsible company, it has admitted its fault. The question remains: what impact did the goof-up have?

According to recent reports, Microsoft signed a software driver that was loaded with rootkit malware designed to target the gaming community. Microsoft confirms that the impact was limited, but a mistake, once made, makes it difficult for consumers to trust the company.

As mentioned in a report by Engadget, operating system developers offer a code signing process to help steer clear of any malware or hostile software that might harm a system or a community. Microsoft has confirmed that it signed “Netfilter”, a third-party driver for Windows that was loaded with rootkit malware, circulated in the gaming community, and should not have been signed in the first place.

The Windows Hardware Compatibility Program (WHCP) signed the driver even though it connected to malware command-and-control servers in China, as mentioned in a report by Engadget.

Microsoft was saved by a thin margin because there is no sign of the malware corrupting or stealing any certificates from the company's servers. The Windows maker is not sure how the malware got into the system and says it will refine its signing process, validation, and access policies, according to reports.

The malware spread to the entire Microsoft gaming community, but unless a user goes out of their way to access the malware, it cannot automatically harm any gamer’s system. Microsoft says that the rootkit malware only works post-exploitation and that administrator access is necessary to install it.

The company assures users that it will roll out a new update with fresh drivers to remove the rootkit from affected systems. A company’s signature on software means that the update is verified and the software driver is safe to download, so this mistake could cost Microsoft the trust of its customers.

Users are used to downloading and installing new drivers signed and verified by the company. From this incident onwards, users will worry that there might be hidden malware even in drivers that are signed and verified by the technology giant.

With Microsoft having recently launched Windows 11, a malware leak is the last thing the tech giant could have wanted attention for.