Howto: Disabling Driver Signing in Windows Vista 64 bit

by admin on November 5, 2007

A security feature of Windows Vista 64 bit version is that unsigned drivers will not load. I’m all for increased security, until I run across a piece of hardware that does not have signed drivers.

It was easy to disable driver signing before two updates were released. From an elevated command prompt I ran

bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS

and rebooted, and I was able to load the unsigned drivers with no problem.

But that was before KB932596 and KB938979 were released. These two patches broke the bcdedit command listed above. Sure, I could still access the Advanced Boot Options menu by pressing F8 during the boot process and selecting Disable Driver Signature Enforcement, but that just disables driver signing for the current boot only.

I was looking for a permanent solution and came across this guide that explains the bcdedit command will work if if you uninstall the patches from KB932596 and KB938979. You can also use VBCDEDIT to edit Vista’s boot options, which are normally set using the bcdedit command.

[update 11-05-2007]

Violator posted that KB938194 also needs to be uninstalled , and he suggests running the following command as well:

Bcdedit /set nointegritychecks ON

[updated 11-14-2007]

E-M@iLinAtoR commented that Windows6.0-KB941649-v2-x64 also needs to be uninstalled.

[updated 03-24-2009]

If all else fails, try Mark’s technique for creating your own driver signing certificate and signing the driver or application yourself.  Thanks to Claus for the link.

{ 53 comments… read them below or add one }

Leave a Comment

{ 1 trackback }

Previous post:

Next post: