Policy

HKCU\Software\Microsoft\Driver Signing

Data type Range Default value
REG_DWORD 0 | 1 | 2 1

Description

Determines how the system responds when a user tries to install device driver files that are not digitally signed.

Value Meaning
0 Ignore. The system proceeds with the installation even if it includes unsigned files.
1 Warn. The system notifies the user that files are not digitally signed and lets the user decide whether to stop or to proceed with the installation and permit unsigned files to be installed.
2 Block. The system will not install unsigned files. As a result, the installation stops, and none of the files in the driver package are installed.

This entry applies only to the current user of the computer. However, if a stricter setting is configured for all users of the computer (in Policy in HKLM) or a user Group Policy establishes a stricter setting (in BehaviorOnFailedVerify), then this value is ignored for the current user.

This entry stores the option selected in the File signature verification section of the Driver Signing Options dialog box when the Apply setting as system default box is not selected. If the box is selected, then the selection applies to all users of the computer and it is stored in the value of Policy in HKLM.

Change method

To change the value of this entry, use System in Control Panel. Click the Hardware tab, click Driver Signing, and then select an option in the File signature verification section. (Do not select the Apply setting as a system default box.)

Note Image Note

The system adds this entry to the registry when you use System in Control Panel to change the default value.

This entry applies to all users of the computer. The Policy entry also can appear in the HKCU\SOFTWARE\Microsoft\Driver Signing for a particular user. Also, you can use the Code signing for device drivers Group Policy to add the BehaviorOnFailedVerify entry to the registry.

Related Entries

Page Image

Page Image