Hello.
Hi, if you really want to run that vulnerable driver, first disable the block list in Microsoft Defender -> Device Security. It's grayed out because of this, and it will remain that way until you turn off Secure Boot in your UEFI settings, then perform a restart, deactivate Memory Integrity, restart again, and then disable the vulnerable block list. The additional restarts are due to the UEFI lock mechanism. Now you need to grab the block list from here, save it as an XML file, remove the rules responsible for blocking your driver, then convert it to a .CIP file using ConvertFrom-CIPolicy and deploy it. You can even generate a certificate using Build-WDACCertificate and then deploy it using Deploy-SignedWDACConfig.
Hi,
The Microsoft recommended driver block rules are digitally signed by MSFT so we can't add supplemental policies to them since we don't have the private key of their certificate, so modifying it isn't an option. But we still have other options.
If you really want to run that vulnerable driver, first disable the block list in Microsoft Defender -> Device Security.
It's grayed out because of this
and it will remain that way until you turn off Secure Boot in your UEFI settings, then perform a restart, deactivate Memory Integrity, restart again, and then disable the vulnerable block list. The additional restarts are due to the UEFI lock mechanism.
Now you need to grab the block list from …
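
The reply above touches three protections: Secure Boot, Memory Integrity (with its UEFI lock) and the vulnerable driver block list. The following read-only check, an added example that is not part of the thread or of any project's code, reports their current state on a machine. It assumes an elevated session and reads the standard Windows registry locations for these settings, which the thread itself does not name.

```powershell
# Added example: read-only report of the protections discussed in the reply above.
# Run from an elevated PowerShell session; nothing is modified.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }   # key or value not present
}

# Secure Boot: the cmdlet throws on legacy BIOS or unsupported firmware.
$secureBoot = try { Confirm-SecureBootUEFI -ErrorAction Stop } catch { $null }

# Memory Integrity (HVCI): configured value, UEFI lock flag, and running state.
$hvciKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity'
$hvciConfig = Get-RegValue -Path $hvciKey -Name 'Enabled'
$hvciLocked = Get-RegValue -Path $hvciKey -Name 'Locked'
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
        -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
$hvciRunning = [bool]($dg -and ($dg.SecurityServicesRunning -contains 2))  # 2 = HVCI

# Microsoft vulnerable driver blocklist toggle (value absent = OS default).
$blocklist = Get-RegValue -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config' `
                          -Name 'VulnerableDriverBlocklistEnable'

$report = [pscustomobject]@{
    ComputerName            = $env:COMPUTERNAME
    SecureBootEnabled       = $secureBoot
    HvciConfigured          = $hvciConfig
    HvciUefiLocked          = $hvciLocked
    HvciRunning             = $hvciRunning
    DriverBlocklistRegValue = $blocklist
}
$report | Format-List

# Flag the states the procedure above leaves behind.
$findings = @()
if ($secureBoot -ne $true) { $findings += 'Secure Boot is off or could not be confirmed' }
if (-not $hvciRunning)     { $findings += 'Memory Integrity (HVCI) is not running' }
if ($blocklist -eq 0)      { $findings += 'Vulnerable driver blocklist is explicitly disabled' }

if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else           { Write-Output 'No weakened setting detected.' }
```

A machine that went through the procedure for a one-off test should report all three protections on again once they have been re-enabled.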