Validating that the servers contain only signed drivers
Let me try to provide you a quick summary of what’s changing, because you definitely will care: The big news is that, aside from a short-term exception, a Microsoft signature is required by Windows 10 to load kernel-mode drivers.
I have a problem running a driver build on my build server.I recently purchased a Go Daddy Driver Signing Certificate and they ensured me that it should be working for ...Due to windows changing their security policies, we are planning to begin code-signing driver files with the SHA-256 algorithm instead of SHA-1.If you have ever installed some software or drivers in Windows, you have probably seen a dialog telling you the name of the company or person that published that software.This means that the publisher has cryptographically signed their work.For all the details, you’ll need to read my blog post from the end of July entitled Questions and Answers: Windows 10 Driver Signing.
In that blog post, Microsoft program manager James Murray answers questions from the community on how the Windows 10 driver signing process will work.
It is common for instance that beta drivers are not digitally signed.
While unsigned drivers don't necessarily have to be problematic, it makes sense to check the system for those and verify that they are legitimate and the best choice.
In case you’ve been busy worrying about writing code for existing projects and stuff, let me call your attention to some big changes in the realm of driver signing that start with Windows 10.
There’s been an ongoing thread on NTDEV about this topic for more than a month now that has led to some very good information being collected and discussed by the Driver Development Community.
Windows ships with a driver verification tool called File Signature Verification which you can use for that purpose.