Click to Skip Ad
Closing in...

New Windows Defender update adds more aggressive blocklist

Updated Mar 31st, 2022 11:38AM EDT
Windows 11 Main
Image: Microsoft

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Windows 10 and Windows 11 users can take advantage of a more aggressive blocklist now. The operating system received the feature in the latest Windows Defender update.

Windows Defender update enhances security with new blocklist

Windows Defender has been available as a built-in antivirus for Windows 10 and earlier for several years now. The antivirus has grown quite popular with Windows users thanks to being lightweight and effective. Additionally, Microsoft continues to make it even better.

The latest Windows Defender update has added the option to block drivers with “security vulnerabilities”. Microsoft VP David Weston announced the addition on Twitter over the weekend. First, navigate to Device Security and select Core Isolation Details. Finally, toggle Microsoft Vulnerable Driver Blocklist to on to enable it.

You can only turn the feature on if you are using a Hypervisor-protected Code Integrity (HVCI)-enabled device. When enabled, the security feature will block third-party drivers that have been flagged for security vulnerabilities. You can enable HVCI through the Core Isolation window in the Windows Security window by turning on Memory Integrity.

Ultimately, what matters here is that this feature should help cut down on the security issues surrounding third-party drivers. This new Windows Defender update is just another way the tech giant is making its free, built-in antivirus stand out from the myriad of other paid options out there.

What is this blocklist?

Microsoft Defender on Windows 11Image source: Microsoft

As ZDNet reports, the more aggressive blocklist added in the latest Windows Defender update will be curated by Microsoft and certain OEM partners. As a result, it should be updated whenever new exploits are discovered. The list will block drivers marked as exploitable. These exploits can include things like elevated access to the Windows kernel. Consequently, they could cause irreparable damage to your machine if accessed.

These kinds of exploits usually act as tunnels for malware, or the certificates used to sign malware. They often allow the malware to avoid the Windows Security Model. Thus giving those hostile programs access to the deeper levels of your hardware.

While you will need to rely on a Windows Defender update to keep the blocklist up-to-date, Microsoft has proven reliable when it comes to its built-in security suite. Windows Defender has quickly become one of the best antivirus programs available on computers, especially because of how little it interferes with device performance.

Hopefully, seeing Microsoft continue to dedicate resources to the service is a sign that it will continue to be a solid option for users in the coming years.

Article updated to clarify the title of Microsoft’s built-in security system.

Josh Hawkins has been writing for over a decade, covering science, gaming, and tech culture. He also is a top-rated product reviewer with experience in extensively researched product comparisons, headphones, and gaming devices.

Whenever he isn’t busy writing about tech or gadgets, he can usually be found enjoying a new world in a video game, or tinkering with something on his computer.