# Vulnerable Driver Blocklist

1. **Check Current Blocklist Status Via PowerShell (Optional)**

* Press `Start`, type `PowerShell`, right-click it, and select **Run as Administrator**.
* Run this command:

```
Get-CimInstance -Namespace root\Microsoft\Windows\CI -ClassName Win32_DeviceGuard
```

* Look for:

`UserModeCodeIntegrityPolicyEnabled`

`KernelModeCodeIntegrityPolicyEnabled`

2. **Disable Blocklist in Windows Settings (if available)**

* Go to **Settings** → **Privacy & Security** → **Windows Security** → **Device Security**.
* Click **Core Isolation details**.
* Find **Microsoft Vulnerable Driver Blocklist** and toggle it **Off**.

(If it is **greyed out**, continue on)

3. Disable the Blocklist via Registry Command (All Windows Editions)

* Press `Windows + X`, then choose **Terminal (Admin)** or open **Command Prompt as Administrator**.
* Copy & run the following command:

```
reg add HKLM\SYSTEM\CurrentControlSet\Control\CI\Config /v VulnerableDriverBlocklistEnable /t REG_DWORD /d 0x000000 /f
```

* You should see: **"The operation completed successfully."**
* Restart your PC.

4. **Confirm the Blocklist Is Disabled**

After reboot:

* Go back to **Windows Security** → **Device Security** → **Core Isolation Details**
* The **Microsoft Vulnerable Driver Blocklist** should be **Off**
* Or re-run the PowerShell command from Step 1 to verify policy status

<figure><img src="https://864134601-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZhlPQ84gzLSwbOC8Zl8I%2Fuploads%2FOPn97gNMaohPQp5R8yvw%2Fimage.png?alt=media&#x26;token=d2c17c81-d033-40be-aa2a-6094c80c7d62" alt=""><figcaption></figcaption></figure>