Yeah the real question is why the backup software companies are choosing to use a known vulnerable kernel driver.
The quote from the article:
I reached out to Microsoft for a statement and a spokesperson proviued the following: “In the April 2026 Windows security update, we added known vulnerable kernel driver psmounterex.sys to the Vulnerable Driver Blocklist. Backup applications that rely on this driver may experience failures when attempting to mount or manage disk images. We do not recommend uninstalling or pausing this update. Customers with an impacted driver should install the latest application versions and validate against the driver blocklist to remain protected. For more information, please see here.”
it’s a part of macrium reflect version 8. it’s what mounts backup images within windows to browse and recover files from. you should still be able to boot off a reflect rescue usb to do those tasks.
macrium doesn’t do perpetual licenses anymore, and they EOL’d all reflect versions sold that way. it’s all subscriptions now (according to a neighbor that uses it… he was strong-armed into upgrading to a sub from his version 8.x)–even for that previous version which they still sell (relabeled ‘ltsc’) as a subscription.
Yeah the real question is why the backup software companies are choosing to use a known vulnerable kernel driver.
The quote from the article:
it’s a part of macrium reflect version 8. it’s what mounts backup images within windows to browse and recover files from. you should still be able to boot off a reflect rescue usb to do those tasks.
macrium doesn’t do perpetual licenses anymore, and they EOL’d all reflect versions sold that way. it’s all subscriptions now (according to a neighbor that uses it… he was strong-armed into upgrading to a sub from his version 8.x)–even for that previous version which they still sell (relabeled ‘ltsc’) as a subscription.