It’s a sequence of problems that lead to this:
- The kernel driver should have parsed the update, or at a minimum it should have validated a signature, before trying to load it.
- There should not have been a mechanism to bypass Microsoft’s certification.
- Microsoft should never have certified and signed a kernel driver that loads code without any kind signature verification, probably not at all.
Many people say Microsoft are not at fault here, but I believe they share the blame, they are responsible when they actually certify the kernel drivers that get shipped to customers.
Make Linux use a random MAC address, then block the physical MAC in the DHCP section of the router’e configuration. This will make Windows unablento recieve an IP address while Linux will be able to get ahold of one.
If windows uses tandom mac addresses, the feature should be able to be turned off.
Or, simply disable the network interfaces in Windows’ control panel. I’ve never seen Windows reenable a network card by itself.