Driver Signing Policy Is Automatically Elevated for Unsigned Drivers (831583)


The information in this article applies to:

  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional

SYMPTOMS

When you install a device driver, and Microsoft Windows 2000 or Microsoft Windows XP detects that the device driver is not digitally signed, you may receive a warning message and an option to cancel or continue the installation. This message appears even though Windows is configured with the DriverSigningPolicy setting set to Ignore.

The following error message may also be written to the Setupapi.log file:
E245: The device installation digital signature failure policy has been elevated from Ignore to Warn due to a proposed replacement of a protected system file.

CAUSE

This behavior occurs because your computer is configured to display a warning message whenever an installation program tries to install a device driver that does not have a digital signature. Windows automatically raises the driver signing policy from Ignore to Warn whenever an installation program tries to install a device driver that does not have a digital signature. This is a function of Windows File Protection to promote the overall stability of the operating system.

STATUS

This behavior is by design.

MORE INFORMATION

For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

298503 Driver Signing Registry Values Cannot Be Modified Directly in Windows

314479 How to Add OEM Plug and Play Drivers to Windows XP

Modification Type:MajorLast Reviewed:12/5/2003
Keywords:kbinfo KB831583 kbAudEndUser kbAudITPRO
©2003 Microsoft Corporation. All rights reserved.