Hackers exploit gaping Windows loophole to give their malware kernel access
arstechnica.com> In fairness to Microsoft, a working solution is elusive because many vulnerable drivers continue to be used legitimately by large numbers of paying customers. A revocation of such drivers could cause crucial software worldwide to suddenly stop working.
Maybe, but if a system running today has no drivers installed signed by old certs, transparently blocking them, as well as defaulting to block, with an IT admin ability to unblock, for new installs seems quite easy.