Drivers can be
added to a Windows system in a number of ways. The most common method
is through the installation of Windows 8. During installation, drivers
are installed for all the devices that are present.
Two kinds of drivers are available: signed and unsigned. A signed driver carries with it a digital
signature that verifies the publisher of the driver and ensures that
the driver file has not undergone unauthorized modification, so it is
less likely that someone has added malicious code to the driver file
that could compromise the security of the system.
Important
DRIVER SIGNING IS NOT A CURE-ALL
Although driver signing improves the overall security of the system,
it’s important to remember that driver signing alone will not fix every
security issue. It’s still possible for bad code to be introduced in a
driver before the signing process or for an unauthorized entity to
attain access to driver signing. Either way, use caution, even with signed drivers.
An unsigned driver does not carry any guarantee that the company
that issued it is legitimate, and there is no guarantee that the driver
file has not been tampered with. Unsigned drivers are more likely to carry a driver file containing malware or be untrustworthy.
Remember that user-mode device drivers operate at a high level in
the operating system with user rights. Kernel-mode drivers can create a
major security issue.
You can use the Sigverif.exe utility to determine whether the files and drivers on a computer have been signed. To use Sigverif.exe, type sigverif.exe
at a command prompt to open the Signature Verifier utility. Click Start
to begin the scanning process. The utility displays the scanning
progress, as shown in Figure 1.