Microsoft has just updated its ASR rules, a new rule with id 56a863a9-875e-4185-98a7-b882c64b5ce5 add into all the rules.
Name: abuse of exploited vulnerable signed drivers

Already included in latest Hard_Configurator and ConfigureDefender Beta.

Thanks.