This blocklist is designed to block threat actors from dropping legitimate but vulnerable drivers on targets’ systems in Bring Your Own Vulnerable Driver (BYOVD) attacks on HVCI-enabled Windows machines or those running Windows in S Mode.