Microsoft signed off on a driver that contains rootkit malware. Despite having processes and checkpoints—like code signing and the Windows Hardware Compatibility Program (WHCP)—in place to prevent such events from happening, the driver still managed to pass through.