Section 2.3: Using Driver Signing
Some device drivers and some applications overwrite existing operating files as part of their installation process. These files can cause system errors that are difficult to troubleshoot. Microsoft has greatly simplified the tracking and troubleshooting of altered files by digitally signing the original operating system files and allowing you to verify these signatures.
2.3.1: Configuring Driver Signing
You can configure how the computer responds to unsigned files on HARDWARE tab of SYSTEM. Here you can configure one of three responses:
- Ignore allows any files to be installed regardless of whether they are digital signature or not.
- Warn displays a warning message before allowing the installation of an unsigned file. This is the default option.
- Block prevents the installation of unsigned files.
Note: Once you have set altered the Driver Signing setting, you must set it as the default setting or the setting will revert to the previous default setting on the next system reboot. To set the new settings as the default setting, select the MAKE THIS ACTION THE SYSTEM DEFAULT check box on the Driver Signing Options dialog box.
2.3.2: System File Checker
Windows XP Professional also has a System File Checker (SFC), which is a command-line tool that you can use to check the digital signature of files. SFC can be used from a command prompt. The syntax of the SFC tool is:
Sfc [/scannow] [/scanonce] [/scanboot] [/revert] [/purgecache] [/cachesize=x]
Table 2.1: System File Checker Optional Command-line Switches
| Switch | Description |
|---|---|
| /scannow | Used to perform an immediate scan of all protected system files |
| /scanonce | Used to perform a scan of all protected system files only on the next system reboot |
| /scanboot | Used to perform a scan of all protected system files every time the system reboots |
| /revert | Causes the SFC settings to be returned to the default settings |
| /purgecache | Purges the file cache |
| /cachesize=x | Sets the file cache size |
2.3.3: The File Signature Verification Utility
Windows XP Professional also has a File Signature Verification utility, sigverif, that allows you to view the file's name, its location, its modification date, its type, and its version number.
2.3.4: Device Diver Rollback
In addition to protecting you from driver-related trouble by warning you when you try to install an unsigned driver that has not been certified as compatible with Windows XP, Windows XP Professional also allows you to uninstall an updated driver and restore the previously installed version of the driver. This can be done in Safe Mode, if necessary. In other words, if you experience system problems after updating a device driver, you can roll back to the previous instaled version of the driver.
To roll back a driver:
- Click on the start button
- Click on CONTROL PANEL
- Open SYSTEM
- Click on the hardware tab
- Click on DEVICE MANAGER.
- Expand the hardware category to which the device driver belongs
- Right-click the device driver
- Click PROPERTIES
- On the Device Properties dialog box, click on the driver tab
- Click ROLL BACK DRIVER.
- In the dialog box, click yes
- Click OK
If no backed-up driver is available, then Driver Rollback is not available for the selected device. This could be because the device driver was not updated or the previous version of the device driver was inactive or dysfunctional. Windows XP Professional only backs up device drivers that are active and functional. Also, when you roll back to an unsigned device driver, Windows XP Professional will prompt you before overwriting the newer driver. Windows XP Professional will not you prompt when you roll back to a signed device driver.
Note: Driver Rollback is not available for Printers because the drivers are not configured through Device Manager; they are configured through the Printers and Faxes folder.