Using the System Utilities
Hardware Management
Device Driver Signing
- Windows 7 uses file signatures on system files to ensure system stability.
- Device driver signing ensures that a driver for a specific hardware component has been verified by Microsoft to be from a known software publisher. It also ensures that the device driver has not been modified in any way since it was signed.
- Attempting to install an unsigned driver generates one of the following messages:
- Windows can't verify the publisher of this driver software - This message appears when no digital signature is present, or the digital signature cannot be verif ed as valid. You should install unsigned drivers only if you are conf dent it is from a legitimate source.
- This driver software has been altered - This message appears if the device driver has been altered since the developer added the digital signature. In most cases, this message indicates that the original device driver has been infected by a malicious program and it should not be installed.
- Windows cannot install this driver software - This message appears only on the 64-bit versions of Windows 7. The 64-bit versions of Windows 7 do not allow unsigned device drivers to be installed by default. However, for testing purposes, you can disable the check for driver signing by using bcdedit.exe.
- The File Signature Verification utility is used to verify that existing drivers and system files are signed. The filename, location, modification date, and version number are returned for each unsigned file. You can then investigate whether signed versions of these files are available. It is a best practice to use only signed device drivers.
