๐Ÿ”’Vulnerable Driver Blocklist

๐Ÿšซ How to Disable the Vulnerable Driver Blocklist

โš ๏ธ Note: The Vulnerable Driver Blocklist prevents known insecure kernel-mode drivers from loading. Disabling it reduces protection and should only be done for compatibility reasons (e.g., unsigned drivers, legacy mods, certain anti-cheats).

๐Ÿ“Œ Step 1: Check the Current Blocklist Status

โœ… Via PowerShell (Optional)

  1. Press Start, type PowerShell, right-click it, and select Run as Administrator.

  2. Run this command:

    Get-CimInstance -Namespace root\Microsoft\Windows\CI -ClassName Win32_DeviceGuard

  3. Look for:

    • UserModeCodeIntegrityPolicyEnabled

    • KernelModeCodeIntegrityPolicyEnabled

๐Ÿ–ฅ๏ธ Step 2: Disable Blocklist in Windows Settings (if available)

  1. Go to Settings โ†’ Privacy & Security โ†’ Windows Security โ†’ Device Security.

  2. Click Core Isolation details.

  3. Find Microsoft Vulnerable Driver Blocklist and toggle it Off.

๐Ÿ’ก If the switch is greyed out, continue to Step 3.

โš™๏ธ Step 3: Disable the Blocklist via Registry Command (All Windows Editions)

  1. Press Windows + X, then choose Terminal (Admin) or open Command Prompt as Administrator.

  2. Run the following command:

    reg add HKLM\SYSTEM\CurrentControlSet\Control\CI\Config /v VulnerableDriverBlocklistEnable /t REG_DWORD /d 0x000000 /f

  3. You should see: "The operation completed successfully."

  4. Restart your PC.

โœ… Step 4: Confirm the Blocklist Is Disabled

After reboot:

  • Go back to Windows Security โ†’ Device Security โ†’ Core Isolation Details

  • The Microsoft Vulnerable Driver Blocklist should be Off

  • Or re-run the PowerShell command from Step 1 to verify policy status

PreviousTPM and Secure BootNextVirtualization Based Security

Last updated