Malware distributors can use the Genshin kernel module to distribute their viruses and totally wreck your PC. Antimalware will not catch it. The kernel module is also signed by Microsoft, making it extremely easy to install on a victim’s computer.
Anticheat is malware
And all because server side anticheat is too expensive for them to host. I mean, what does the Kernel based anticheat really give the players? It only benefits the company so they can make more money with fewer resources.
Not defending kernel mode anticheats, but I think the bigger problem here is Windows’s Swiss cheese level kernel module management. Because apparently this whole fiasco is because the kernel module in question is “verified” by Microsoft, so it doesn’t need admin/UAC authorisation to install, a machanic which this malware exploits.
More discussion here: https://infosec.exchange/@r000t/108890918411908350
Knew something like this would happen eventually. At some point in the future every anti-cheat that uses kernel modules will have at least one vulnerability like this discovered. Calling it now.