News > Microsoft admits to signing rootkit malware in supply-chain fiasco

Microsoft admits to signing rootkit malware in supply-chain fiasco

Tech giant Microsoft has now confirmed signing a malicious driver being distributed within gaming environments. 

G Data malware analyst Karsten Hahn first took notice of this event last week and was joined by the wider infosec community in tracing and analysing the malicious drivers bearing the seal of Microsoft. This incident has once again exposed threats to software supply-chain security, except this time it stemmed from a weakness in Microsoft’s code-signing process.