I think cost isn't the issue here. The issue is that it's super easy to emulate some ancient USB device, windows auto-installs the ancient driver, and you then exploit that driver to get kernel mode code execution.
However, I don't think filtering old drivers is a good way to combat this. Instead they should be popping up a dialog saying "Do you really want to install this USB joystick last sold in 1998? Older devices can pose security risks. If so, please enter your admin password to confirm. If you did not just plug in a USB Joystick, please [report it]."
However, I don't think filtering old drivers is a good way to combat this. Instead they should be popping up a dialog saying "Do you really want to install this USB joystick last sold in 1998? Older devices can pose security risks. If so, please enter your admin password to confirm. If you did not just plug in a USB Joystick, please [report it]."