Learn Editor: Update criteria.md

denisebmsft · denisebmsft · commit a8c40cc2aaa3 · 2025-03-14T08:48:22.000-07:00
diff --git a/unified-secops-platform/criteria.md b/unified-secops-platform/criteria.md
@@ -219,4 +219,4 @@ Vulnerable software is an application or code that has security flaws or weaknes
 
 ### Vulnerable drivers
 
-Despite strict requirements and reviews imposed on code running in kernel, device drivers remain susceptible to various types of vulnerabilities and bugs. Examples include memory corruption and arbitrary read and write bugs, which can be exploited by attackers to execute more significant malicious and destructive actions -– actions typically restricted in user mode. Terminating critical processes on a device is an example of such malicious action.  
+Despite strict requirements and reviews imposed on code running in kernel, device drivers remain susceptible to various types of vulnerabilities and bugs , including intentional design oversights that undermine the security promise of the operating system . Examples include memory corruption and arbitrary read and write bugs, which can be exploited by attackers to execute more significant malicious and destructive actions -– actions typically restricted in user mode. Terminating critical processes on a device is an example of such malicious action.  

Original file line number	Diff line number	Diff line change
`@@ -219,4 +219,4 @@ Vulnerable software is an application or code that has security flaws or weaknes`
`219`	`219`
`220`	`220`	`### Vulnerable drivers`
`221`	`221`
`222`		`-Despite strict requirements and reviews imposed on code running in kernel, device drivers remain susceptible to various types of vulnerabilities and bugs. Examples include memory corruption and arbitrary read and write bugs, which can be exploited by attackers to execute more significant malicious and destructive actions -– actions typically restricted in user mode. Terminating critical processes on a device is an example of such malicious action.`
	`222`	+Despite strict requirements and reviews imposed on code running in kernel, device drivers remain susceptible to various types of vulnerabilities and bugs , including intentional design oversights that undermine the security promise of the operating system . Examples include memory corruption and arbitrary read and write bugs, which can be exploited by attackers to execute more significant malicious and destructive actions -– actions typically restricted in user mode. Terminating critical processes on a device is an example of such malicious action.