Microsoft’s 2026 Security Update Closes a Decades-Old Flaw but Threatens Legacy Hardware
Redmond, Saturday, 28 March 2026.
Starting in April 2026, Microsoft will block untrusted legacy drivers to close a 20-year-old security vulnerability. While this boosts safety, it risks crippling older medical and IoT devices.
Closing a Two-Decade Security Gap
Microsoft (NASDAQ: MSFT) [GPT] is officially pulling the plug on a legacy cross-signed root program that has been a fixture of the Windows operating system since the early 2000s [1][2][8]. While the program was originally designed to support code integrity for third-party drivers, it offered zero assurances regarding the security or compatibility of the kernel code itself [1][2]. Administered by third-party certificate authorities, the framework required driver authors to store private keys, a structural flaw that led to widespread abuse and credential theft [1][2]. Consequently, Microsoft deprecated the program in 2021, allowing all associated certificates to expire [1][2][8]. However, because these third-party drivers remained broadly trusted by the Windows kernel, they continued to pose a severe risk. Threat actors have actively exploited this supreme-level access to bypass operating system defenses, disabling anti-virus and endpoint monitoring tools [1].