Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Guide to Installing Un-Signed Drivers in Win 7 x64


22 Jun 2009   #1

Windows 7 7100 x64
 
 
Guide to Installing Un-Signed Drivers in Win 7 x64

Since I made the Move to 64-bit a while back, Every once in a while, I would run into a Problem where I needed to Install Driver that was Un-Signed.

As A Security measure in the 64-bit Versions of Vista/7, All Drivers must come with a Secure Digital Signature.

This is not a large problem anymore with the fact that Most Drivers are Signed nowadays. But Older Hardware Drivers tend not to be Signed.

There is a Simple way around this Block.

  • Open the Command Prompt in Admin Mode (Type "CMD" into the Start Menu and press "Ctrl+Shift+Enter")
  • Enter this Command: bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS
Now when you Re-Boot, You should be able to Install those Pesky Un-Signed Drivers.

Hope it helped. (if so, +Rep is one of the best ways to thank)


My System SpecsSystem Spec
.

22 Jun 2009   #2

 

Quote   Quote: Originally Posted by Benjamin View Post
Since I made the Move to 64-bit a while back, Every once in a while, I would run into a Problem where I needed to Install Driver that was Un-Signed.

As A Security measure in the 64-bit Versions of Vista/7, All Drivers must come with a Secure Digital Signature.

This is not a large problem anymore with the fact that Most Drivers are Signed nowadays. But Older Hardware Drivers tend not to be Signed.

There is a Simple way around this Block.

  • Open the Command Prompt in Admin Mode (Type "CMD" into the Start Menu and press "Ctrl+Shift+Enter")
  • Enter this Command: bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS
Now when you Re-Boot, You should be able to Install those Pesky Un-Signed Drivers.

Hope it helped. (if so, +Rep is one of the best ways to thank)
Hi Benjamin,

We have a tutorial section for guides like this if you would like this thread moved there?

You can also install unsigned drivers by either self-signing the certificate or installing the one it came with, if it contained any digital certificate


Steven
My System SpecsSystem Spec
22 Jun 2009   #3

XP, Seven, 2008R2
 
 

Self-sign what certificate? If a driver is unsigned it won't have a certificate.

If anyone could self-sign a kernel level driver, any security provided by this feature goes out the window. (no pun intended)

Requiring signed drivers was a genious move by Microsoft. Boy it makes them some serious extra cash.
My System SpecsSystem Spec
.


22 Jun 2009   #4

 

Quote   Quote: Originally Posted by sup3rsprt View Post
Self-sign what certificate? If a driver is unsigned it won't have a certificate.
Ive seen some drivers include self-signed certificates (Nvidia beta, Daemon Tools...) before using their legitimate ones.

Quote:
If anyone could self-sign a kernel level driver, any security provided by this feature goes out the window. (no pun intended)

Requiring signed drivers was a genious move by Microsoft. Boy it makes them some serious extra cash.
Anyone can sign a driver using the SignTool and certutil included with the Windows SDK and Windows DDK, thats more secure than completely disabling Driver Signing and allowing any driver to install/run on your system

Microsoft makes nothing since it cant be a CA, Certificate Authority's like Verisign and Thawte are the ones making the money here

Steven
My System SpecsSystem Spec
22 Jun 2009   #5

XP, Seven, 2008R2
 
 

Microsoft makes tons of cash on things like this. Authenticode and WHQL for example.

I agree that disabling driver signing requirement is insecure. But so is allowing any hacker off the street to sign his own malware, so it doesn't make much difference in the end.

However, it's good news for me the (security conscious) consumer if there really are multiple ways around this whole driver signing requirement.
My System SpecsSystem Spec
23 Jun 2009   #6

 

Quote   Quote: Originally Posted by sup3rsprt View Post
Microsoft makes tons of cash on things like this. Authenticode and WHQL for example.
As Ive said, Microsoft makes nothing. They cant design and build Authenticode/WHQL or Digital Certificates then charge people for learning/using them. If they did then they would be the gate-builder and gate-keeper and have too much power over the security sector while giving themselves another monopoly, It just wont happen again.

Quote:
I agree that disabling driver signing requirement is insecure. But so is allowing any hacker off the street to sign his own malware, so it doesn't make much difference in the end.
AS I said before, You can sign your own code on your own machine, nothing will stop you from re-signing a NVidia driver with your own certificate, what will stop you is trying to use that re-signed driver on another machine, If that machine doesnt have your Self-Signed/Created CA then your self-signed certificate is invalid and useless on another machine.

Quote:
However, it's good news for me the (security conscious) consumer if there really are multiple ways around this whole driver signing requirement.
If its going to be anything like Vista then the RTM version will prevent you from permanently disabling Driver Signing, It will only run for the first reboot, after the second, Driver Signing is re-enabled.

Self-Signing is permanent and the safest solution available

Steven
My System SpecsSystem Spec
23 Jun 2009   #7

XP, Seven, 2008R2
 
 

Quote   Quote: Originally Posted by dmex View Post
They cant design and build Authenticode/WHQL or Digital Certificates then charge people for learning/using them. If they did then they would be the gate-builder and gate-keeper and have too much power over the security sector while giving themselves another monopoly, It just wont happen again.
I realize that the expensive code signing certificates themselves are not provided by Microsoft. That isn't really the issue I am debating.

Microsoft partnering with CA's such as Verisign and requiring signed code is what had the open source community and free software developers in such an uproar.
My System SpecsSystem Spec
24 Jun 2009   #9

Windows 7 Home Premium x64 - Mac OS X 10.6.4 x64
 
 

I can attest that all builds after 7201 will re-enable driver signing enforcement after a reboot....
My System SpecsSystem Spec
26 Jun 2009   #10

Windows 7 Build 7600.16385 (Clean Install)
 
 

I just usually hit F8 on reboot and disable driver signature verification or watever its called. Allows me too use my PS3 controller as a pc controller which makes me happy lol
My System SpecsSystem Spec
Reply

 Guide to Installing Un-Signed Drivers in Win 7 x64




Thread Tools



Similar help and support threads for2: Guide to Installing Un-Signed Drivers in Win 7 x64
Thread Forum
Solved No Signed Device Drivers Found? Installation & Setup
No signed device drivers were found Drivers
Solved Digitally Signed Drivers with Recovery Installation & Setup
Solved No signed device drivers were found. Installation & Setup
No signed drivers message Installation & Setup
Can't find signed drivers? Drivers
PeerBlock now has Signed Drivers! System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 12:33 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33