Question Help with Windows 11 Device Security ?

[Ralston18]

I, full disclosure, do not know.

ipconfig /all provides network related information - not drivers per se.

However if ipconfig lists some other network adapter(s) then that may be a clue of sorts.

Can you provide or post that "vulnerable driver blocklist" setting?

If anything, do a screen capture of the relevant windows and post via imgur (www.imgur.com).

Part of the troubleshooting process is to eliminate possibilities....

And there are other ways to find out more information.

However, I suggest "one step at a time".

 

[very_452001]

I, full disclosure, do not know.

ipconfig /all provides network related information - not drivers per se.

However if ipconfig lists some other network adapter(s) then that may be a clue of sorts.

Can you provide or post that "vulnerable driver blocklist" setting?

If anything, do a screen capture of the relevant windows and post via imgur (www.imgur.com).

Part of the troubleshooting process is to eliminate possibilities....

And there are other ways to find out more information.

However, I suggest "one step at a time".

Okay I did the ipconfig/all and I don't see the Intel(R) PRO/1000 Adapter device listed.

I do see a couple of Microsoft Wi-Fi Direct Virtual Adapters though. Are these virtual adapters loaded by default in Windows 11? What's the purpose of these wireless virtual adapters when I already have a actual physical wi-fi card?

 

[Ralston18]

I am not aware of any virtual wifi adapters being loaded by default. There may be other comments and suggestions regarding such.

Run "ipconfig /all" (without quotes) via the Command Prompt and post the results.

You should be able to copy and paste the results without needing to retype everything.

Look in Task Manager > Startup. Any unexpected or unknown apps being launched?

 

[very_452001]

I, full disclosure, do not know.

ipconfig /all provides network related information - not drivers per se.

However if ipconfig lists some other network adapter(s) then that may be a clue of sorts.

Can you provide or post that "vulnerable driver blocklist" setting?

If anything, do a screen capture of the relevant windows and post via imgur (www.imgur.com).

Part of the troubleshooting process is to eliminate possibilities....

And there are other ways to find out more information.

However, I suggest "one step at a time".

Hi yes here's the screenshot as requested, the vulnerable setting is greyed out:

https://imgur.com/a/TOEEEpD

View: https://imgur.com/a/TOEEEpD


How do I fix this?

 

[Ralston18]

What does "Learn more" present?

 

[very_452001]

What does "Learn more" present?

Hi yes it takes me to to this link:

Microsoft recommended driver block rules - Windows Security

View a list of recommended block rules to block vulnerable third-party drivers discovered by Microsoft and the security research community.

learn.microsoft.com

 

[Ralston18]

As I understand it, Windows does not like the wifi driver(s).

Please post the results of "ipconfig /all".

What is the source or sources for any network drivers that you have downloaded?

 

[very_452001]

As I understand it, Windows does not like the wifi driver(s).

Please post the results of "ipconfig /all".

What is the source or sources for any network drivers that you have downloaded?

Okay before I do that can you clarify whether its possible to turn on both Memory Integrity and Microsoft vulnerable driver blocklist at the same time?

 

[Ralston18]

I would expect so but my attempt ( I just tried) failed.

My system would not turn Memory Integrity on because of 6 (six) incompatible drivers.

Five of the drivers being Logitech and the sixth driver listed as being WIDCOMM.

WIDCOMM ppears to be a driver management utility. Bluetooth related.

Will need to look into all of that a bit more.

Anyway the attempt to turn both on does not seem to have caused any particular problems and the results make me wonder about both Logitech and WIDCOMM.

That said I see no harm in turning both on.

Still, to be fair, I suggest waiting a bit in case someone else posts with additional comments (pro and con).

Just to be safe.

 

[very_452001]

I would expect so but my attempt ( I just tried) failed.

My system would not turn Memory Integrity on because of 6 (six) incompatible drivers.

Five of the drivers being Logitech and the sixth driver listed as being WIDCOMM.

WIDCOMM ppears to be a driver management utility. Bluetooth related.

Will need to look into all of that a bit more.

Anyway the attempt to turn both on does not seem to have caused any particular problems and the results make me wonder about both Logitech and WIDCOMM.

That said I see no harm in turning both on.

Still, to be fair, I suggest waiting a bit in case someone else posts with additional comments (pro and con).

Just to be safe.

Okay how do I scan the system for incompatible drivers? So far the devices in the system seem to be working fine so does incompatible drivers imply that devices should not work properly due to problems with the drivers?

During Windows install windows automatically install the drivers that it chooses but cant understand on why windows choose incompatible drivers to install then you get error warning messages on screen later when you try to do something. I understand that if I install wrong drivers then I am liable but like I mentioned earlier windows chooses the drivers to install automatically.

Apart from GPU drivers what other devices in the system should I obtain the latest drivers from device website and install manually and properly instead of relying of windows to do the installing?

 

[Ralston18]

The drivers are not necessary "incompatible".

Microsoft sets the requirements for drivers with respect to security, OS compatibility, compatibility with other code, etc..

Very much up to the specific hardware manufacturer to provide drivers that will run and be fully functional within the host Windows envionment.

Not all manufacturer's comply and Windows may default to some basic driver version but prohibit that version from doing things that are not in full compliance with the imposed standards.

And, as I understand it all, Microsoft does not take it upon themselves to seek out compliant drivers. That is left to the manufactuers. They provide.....

Yes: Go to the manufacturer's website(s) and manually download the applicable drivers. Install and configure as necessary.

No third party tools or installers.

Be very sure that you are really at the manufacturer's website. Just because, for example, "Nvidia" appears in the URL that does not mean that that the links is actually Nvidia.

Plus many manufacturers include "add ons" which may or may not be helpful and/or meaningful. A fancy graphical interface for example. Or a requirement to make changes via their website versus directly on the host computer.

As I stated, my system indicated that 5 of the 6 "incompatible" files were Logitech. Likely all 5 files will be acceptable if and when I find the applicable driver for the hardware. One download may resolve all five of the problem files.

TBD.

 

[very_452001]

The drivers are not necessary "incompatible".

Microsoft sets the requirements for drivers with respect to security, OS compatibility, compatibility with other code, etc..

Very much up to the specific hardware manufacturer to provide drivers that will run and be fully functional within the host Windows envionment.

Not all manufacturer's comply and Windows may default to some basic driver version but prohibit that version from doing things that are not in full compliance with the imposed standards.

And, as I understand it all, Microsoft does not take it upon themselves to seek out compliant drivers. That is left to the manufactuers. They provide.....

Yes: Go to the manufacturer's website(s) and manually download the applicable drivers. Install and configure as necessary.

No third party tools or installers.

Be very sure that you are really at the manufacturer's website. Just because, for example, "Nvidia" appears in the URL that does not mean that that the links is actually Nvidia.

Plus many manufacturers include "add ons" which may or may not be helpful and/or meaningful. A fancy graphical interface for example. Or a requirement to make changes via their website versus directly on the host computer.

As I stated, my system indicated that 5 of the 6 "incompatible" files were Logitech. Likely all 5 files will be acceptable if and when I find the applicable driver for the hardware. One download may resolve all five of the problem files.

TBD.

Sorry I'm trying to make sense out of it. For example Logitech, is 1 of the biggest computer device manufacturers in the world. Surely they must have compatible drivers from the get go for the most used operating systems in the world that is Windows. I can understand if you buy a unknown [Mod redaction] brand device there maybe compatibility driver issues but Logitech? I understand drivers can be outdated but why windows install outdated drivers automatically causing incompatibility issues like what I am experiencing in this thread and let the user manually download the latest drivers from official websites instead? I mean windows should install the latest drivers not the Beta drivers.

 

[Ralston18]

For the most part, Windows/Microsoft provides basic or generic drivers for almost every device. By device - not by brand name. A mouse, for example, only needs some basic code to be functional.

And Microsoft Windows does include basic drivers that make the keyboard, mouse, printer, and other devices work at the first boot.

Drivers that Microsoft knows will run on the host OS and, for the larger majority of installs, not pose security risks or other problems.

Consider that if some driver proves buggy and the manufacturer fixes (eventually) that bug only to create another problem. And there are literally thousands of such drivers.

[Remember: Microsoft also includes Safe Mode to work around failed third party/manufacturer drivers.]

It would be an impossible task to to test and vet all of the drivers from all of the manufacturers who want their products to run in Windows. And many of those drivers are increasingly"enhanced" with features and functions that may or may not be truly useful beyond some advertising glitz. Or are accompanied by tools and utilities ("crapware" that are slipped in for any number of reasons that are not of real value to end users. Sometimes slipped in without the end user being truly aware of "option" and/or its real intent. May be trying to leverage the OS for some other purposes - legitmate or otherwise.

Microsoft gets blamed - and if the drivers are indeed from some unknown brand it gets all the worse. Little or no quality control or testing by the manufacturer. In fact, a third party device "manufacturer" may simply buy some brand of hardware, put their own logo on it, and then do the same with someone elses' third party generic device driver. May or may not ever offer updates again.....

And many manufacturers have multiple products and models within a product line. Increasing numbers of those products are now being bound to the manufacturer's website for updates, configuration, and monitoring information. All sorts of security implications and problem.

So if Microsoft's OS flags a driver that puts your computer at risk then Microsoft is protecting your system. And, by extension, your data and privacy

The standard approach is that if you (not a personal "you") want your product to work with or run on my product then I will provide the necessary requirements to adhere to. You are responsible for the design, development, implementation, testing, installation process, and documentation.

If the product fails to run other otherwise does not meet the provided requirements (Memory Integrity Checking etc.) then that is on you.

And if a requirement is not met, then my options include ignoring the risk, limiting the risk, or simply preventing the driver from running at all.

Ask the manufacturer why their software/drivers are failing the memory integrity test.

An older version may have worked but some update or revision broke the code. Common to roll back to an older driver to resolve some problem.

From a technical standpoint it is all quite complicated to begin with.

Start discussing the involved economics, profits, social engineering, and all the other factors it quickly becomes even more complicated.

[Note: I redacted a racial reference from your post. The problems involved go far beyond just one country.]

That is how I make sense of it all.

 

[very_452001]

Okay coming back here, regarding the following under windows device security:

- Core Isolation

- Security Processor

- Secure boot

Is it normal for any of the above to come on and show itself like 5-10mins later after you booted your system or should all 3 above come and show at the same time straight away after booting your system or is it normal to wait for any to load?