Windows 10 Anniversary Update requires signed drivers

Posted on Wednesday, Aug 03 2016 @ 13:08 CEST by Thomas De Maesschalck
MS logo
With the rollout of Windows 10 Anniversary Update (aka version 1607), Microsoft is cracking down on unsigned drivers. The software giant revealed this plan before the launch of Windows 10 but so far this rule wasn't enforced due to technical and ecosystem readiness issues. This changes with the Anniversary Update, new kernel mode drivers will need to be digitally signed or they will no longer load.

The move aims to improve security but one major drawback is that it limits a computer enthusiast's control over his/her own system.
Starting with new installations of Windows 10, version 1607, the previously defined driver signing rules will be enforced by the Operating System, and Windows 10, version 1607 will not load any new kernel mode drivers which are not signed by the Dev Portal. OS signing enforcement is only for new OS installations; systems upgraded from an earlier OS to Windows 10, version 1607 will not be affected by this change.

We’re making these changes to help make Windows more secure. These changes limit the risk of an end-user system being compromised by malicious driver software.

If you are a driver developer, here is what you need to do:
  • Ensure that you submit new drivers to Microsoft via the Windows Hardware Developer Center Dashboard portal.
  • Begin the process of getting an Extended Validation (EV) Code Signing Certificate. All drivers submitted to the portal must be signed by an EV certificate.
  • More info at MSDN.

    About the Author

    Thomas De Maesschalck

    Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

    Loading Comments