Microsoft co-signed a malicious kernel driver, and now it's being used to kill security software in ransomware attacks.