From 0c38f0070f5e8b1e06db26b460449e43cf6888ca Mon Sep 17 00:00:00 2001
From: jsuther1974 <jsuther@microsoft.com>
Date: Mon, 17 Oct 2022 14:49:48 -0700
Subject: [PATCH] Update microsoft-recommended-driver-block-rules.md

---
 .../microsoft-recommended-driver-block-rules.md                | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
index ce78a32d32..1dd3d2a119 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
@@ -36,6 +36,9 @@ Microsoft has strict requirements for code running in kernel. So, malicious acto
 
 Drivers can be submitted to Microsoft for security analysis at the [Microsoft Security Intelligence Driver Submission page](https://www.microsoft.com/en-us/wdsi/driversubmission). For more information about driver submission, see [Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center](https://www.microsoft.com/security/blog/2021/12/08/improve-kernel-security-with-the-new-microsoft-vulnerable-and-malicious-driver-reporting-center/). To report an issue or request a change to the vulnerable driver blocklist, including updating a block rule once a driver vulnerability has been patched, visit the [Microsoft Security Intelligence portal](https://www.microsoft.com/wdsi) or submit feedback on this article.
 
+> [!NOTE]
+> Blocking drivers can cause devices or software to malfunction, and in rare cases, lead to blue screen. The vulnerable driver blocklist is not guaranteed to block every driver found to have vulnerabilities. Microsoft attempts to balance the security risks from vulnerable drivers with the potential impact on compatibility and reliability to produce the blocklist.
+
 ## Microsoft vulnerable driver blocklist
 
 <!-- MAXADO-6286432 -->