Signed and Unsigned Drivers — The Trust Layer Beneath Every Install
Why every modern operating system insists on signed drivers, and what happens when you try to install one that does not have a signature.
A signed driver carries a cryptographic signature that proves two things: who built it, and that nobody has changed a single byte since it was built. Operating systems use that signature to decide whether to trust the driver enough to load it into the kernel.
The signature is checked by following a chain of trust back to a small set of root certificate authorities that the operating system already trusts. If the chain breaks, the driver simply will not load.
An unsigned driver could come from anywhere — a malicious actor, a tampered-with download mirror, or even an honest vendor whose certificate has expired. Loading one is the equivalent of letting a stranger into the deepest part of your operating system.
Modern Windows refuses to load unsigned kernel drivers by default. macOS goes further and requires drivers to be notarised by the OS vendor. Linux is more permissive, but enterprise distributions typically lock down the kernel similarly.
There are legitimate but rare cases for loading an unsigned driver: debugging your own kernel driver during development, running an old industrial device whose vendor is gone but whose driver still works, or spinning up a research lab system. In these cases, Windows offers a Test Mode and macOS offers a recovery-mode override.
Outside such cases, you should never disable signature enforcement. The protection it provides against malicious drivers is one of the most important security features in any modern operating system.
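To check that a Windows machine is still enforcing all of this, the following added example (not code from the original article) lists running kernel drivers whose signature does not verify and reports whether Test Mode is switched on. It assumes an elevated PowerShell 5.1 or later session and English bcdedit output; the helper name Resolve-DriverPath is hypothetical.

```powershell
# Added example: audit driver signatures and Test Mode on the local Windows host.
# Assumption: run elevated, because bcdedit needs administrator rights.

function Resolve-DriverPath {
    # Hypothetical helper: Win32_SystemDriver.PathName may be quoted, carry an
    # NT "\??\" prefix, or be relative to the Windows directory.
    param([string]$PathName)
    $p = $PathName.Trim('"') -replace '^\\\?\?\\', ''
    $p = $p -replace '^\\SystemRoot\\', "$env:SystemRoot\"
    if ($p -match '^system32\\') { $p = Join-Path $env:SystemRoot $p }
    return $p
}

$report = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.State -eq 'Running' -and $_.PathName } |
    ForEach-Object {
        $path = Resolve-DriverPath $_.PathName
        if (-not (Test-Path -LiteralPath $path)) { return }   # skip unresolved paths
        $sig = Get-AuthenticodeSignature -LiteralPath $path
        [pscustomobject]@{
            Driver  = $_.Name
            Status  = $sig.Status                      # Valid, NotSigned, HashMismatch, NotTrusted, ...
            Signer  = $sig.SignerCertificate.Subject   # who built it (empty if unsigned)
            Path    = $path
        }
    }

# HashMismatch = bytes changed after signing; NotTrusted = chain does not reach
# a trusted root; NotSigned = no signature at all.
$suspect = @($report | Where-Object { $_.Status -ne 'Valid' })
if ($suspect.Count -gt 0) {
    $suspect | Sort-Object Status, Driver | Format-Table -AutoSize -Wrap
} else {
    Write-Output 'All running drivers carry a signature that verifies.'
}

# Test Mode appears as "testsigning Yes" in the current boot entry.
$testSigning = (bcdedit /enum '{current}') -match '^testsigning\s+Yes'
if ($testSigning) {
    Write-Warning 'Test Mode is ON: signature enforcement is relaxed on this machine.'
} else {
    Write-Output 'Test Mode is off.'
}
```

Get-AuthenticodeSignature applies user-mode Authenticode checks, so treat its verdict as a triage signal rather than a replay of the kernel's own load decision.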
The questions readers send us most often on this topic.
Only by switching Windows into Test Mode and accepting the warnings. Doing so is fine for development but unwise for general use.
macOS's notarisation step adds an extra layer of malware checking on top of the developer's own signature, before macOS will load a third-party driver.
No — sometimes they are simply legacy or hobbyist code. But because the operating system has no way to tell the difference, it treats them all as untrusted.