This post will show you how to disable Driver Signature enforcement in Windows 10/8/7 permanently. Driver Signing is the process of associating a digital signature with a driver package. Windows device installations use digital signatures to verify the integrity of the driver packages and to verify the identity of the vendor who provides the driver packages.
The drivers you normally install on your computer from Windows Update, Original Equipment Manufacturers or some 3th-party driver download software, etc. must be digitally verified by Microsoft via a digital signature. It is an electronic security mark that certifies the publisher for the driver, as well as all the relevant information related to it. If a driver isn’t certified by Microsoft, Window won’t run them on either 32-bit or 64-bit system. This is referred to as “driver signature enforcement”.
Windows 10 will load only Kernel mode drivers signed digitally by the Dev Portal. However, the changes will affect only the new installations of the operating system with Secure Boot on. The non-upgraded fresh installations would require drivers signed by Microsoft.
However, if you wish you can disable Driver Signature enforcement. Let us see how to do it.
Disable Driver Signature enforcement on Windows 10
There are three options available to you,
- Use Advanced Boot Menu
- Enable Test Signing Mode
- Disable Device Driver Signing.
1] Use Advanced Boot Menu
Hold down the Shift key while choosing the “Restart” option in Windows. Your computer will restart with Advanced Options. From the list of options displayed, select the “Troubleshoot” tile.
Next, select “Advanced options” and hit the “Startup Settings” tile.
Next, select the “Restart” button to restart your PC on the Startup Settings screen.
You will see the following screen on restart. Press the 7 keyboard key to activate the “Disable driver signature enforcement” option.
Once done, your PC will reboot with driver signature enforcement disabled, and you’ll be able to install unsigned drivers.
Having said that, the next time you restart your computer, driver signature enforcement will be disabled.
2] Disable Device Driver Signing
Run Command Prompt as Administrator and execute the following command:
bcdedit.exe /set nointegritychecks on
This will automatically disable driver signature enforcement on your device.
If you wish to enable this feature back again, you need to execute the following command in an elevated cmd window:
bcdedit.exe /set nointegritychecks off
To be able to do this, Secure Boot Policy will have to be disabled.
If you decide to exit this mode, run the following command:
bcdedit /set testsigning off
Hope this works for you.
3] Enable Test Signing Mode
Enabling the first option will disable the driver signature enforcement feature successfully until you choose to leave the Test Mode. To enable this option, you will have to open Command Prompt with administrative privileges. For this, type CMD in search box, right-click ‘Command Prompt’ and select ‘Run as administrator’ option.
Next, paste the following command into the Command Prompt window and press Enter:
bcdedit /set testsigning on
If a message is displayed on the screen reading “The value is protected by Secure Boot policy”, it means Secure Boot is enabled for your computer’s UEFI firmware. Disable it in your computer’s UEFI Firmware Settings to enable test signing mode via Advanced Startup Options.
Restart your computer to enter test mode. A “Test Mode” watermark should be visible in the bottom right corner of your computer screen. When you see this, it indicates no restriction for installing unsigned or not verified drivers.
You need to know that Driver Signing is a security feature that protects your system and you should consider re-enabling it as soon as it is possible.