Microsoft's recent Windows 11 updates, KB5083769 and KB5083631, have sparked concern among users of third-party backup applications. These updates have introduced a security measure that inadvertently blocks certain drivers used by disk imaging software, such as Macrium Reflect, leading to functionality issues. The kernel driver psmounterex.sys, which enables mounting of backup images as virtual drives, is being flagged and blocked by the OS, causing problems for users who rely on Macrium Reflect for system backups and recovery.
The issue has raised questions about the balance between security and functionality in operating system updates. While Microsoft's intention to improve system security is commendable, the unintended consequence of blocking essential drivers has caused frustration among users. The fact that Macrium Reflect had seemingly already patched its software against the CVE-2023-43896 vulnerability adds a layer of complexity to the situation.
Community discussions online have highlighted potential workarounds, such as using a Registry hack to disable the vulnerable driver blocklist. However, this approach carries risks and requires careful consideration. It's important to note that Microsoft has not yet provided an official fix, and users are advised to wait for the software update that adds the necessary protection. The situation underscores the challenges of implementing security measures in operating systems and the potential impact on user experience.
The incident also raises questions about the transparency and communication between software developers and users. Users rely on backup applications for critical tasks, and sudden changes that disrupt their workflow can be disruptive. Clear and timely communication about potential issues and solutions is essential to maintaining user trust and confidence in the software ecosystem.
