Inconsistent Driver Blocklist in Microsoft Windows Driver Management
CVE-2022-50238
Currently unrated
What is CVE-2022-50238?
The Microsoft Windows driver management system contains a vulnerability caused by an inconsistency between the on-endpoint driver blocklist and the online recommended driver block rules. Some driver entries that should be blocked appear to be missing from the local blocklist, leading to potential security risks. Users can synchronize the driver blocklist using Windows Defender Application Control (WDAC) policies, but the vendor advises that Windows Update provides a limited blocklist focused on compatibility for the average user. Advanced users and organizations are encouraged to use the comprehensive XML list, though this may introduce usability challenges.