With Windows Vista, Microsoft has introduced a new kernel security component for the 64-bit editions of the operating system. Windows mandatory Kernel Mode and Driver Signing means that all modules or drivers designed to run at kernel level must be digitally signed. Microsoft's initiative is designed to increase the security of 64-bit Vista platforms by attesting that kernel-level software is provided by a legitimate publisher.
Back in February, just after the release of Windows Vista, Russia-based security developer Kaspersky revealed that a number of documented methods can disable signature checking in x64 Windows Vista. Kaspersky was of course revealing this as a warning that such methods could be used for malicious purposes.
“We anticipate a multitude of methods designed to get around kernel mode protection by loading unsigned components. Exploiting documented methods of disabling protection, developing exploits similar to the one mentioned above, gaining kernel level privileges without using a driver and finally, using a signed driver from a legitimate product with malicious intent. (...) This function protects the operating system against malicious code, but it is not as effective as the developers claim,” said Alisa Shevchenko, virus analyst at Kaspersky Lab, at the time.
Still, there are legitimate reasons for disabling driver signing in 64-bit editions of Windows Vista. I am referring to freeware applications that will not run on x64 Vista simply because of the restrictions related to driver signing.
However, the solutions presented by Kaspersky to disable Mandatory Kernel Mode and Driver Signing are not straightforward to use. And there is a simpler way. All you have to do is type “cmd” in the Search Box included in the Vista Start menu. Next, press Ctrl + Shift + Enter to open a command prompt window with elevated privileges. Now enter bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS in order to disable Driver Signing and reboot.
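Because this setting is stored in the boot configuration, it can be audited from saved bcdedit /enum output. The following is an added example, not part of the original article: it assumes English-language output collected as text, the sample output and GUID are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample of English-language `bcdedit /enum` output (not from a real host).
SAMPLE = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
description             Windows Boot Manager
displayorder            {current}
                        {11111111-2222-3333-4444-555555555555}

Windows Boot Loader
-------------------
identifier              {current}
path                    \Windows\system32\winload.exe
description             Microsoft Windows Vista
loadoptions             DDISABLE_INTEGRITY_CHECKS
"""

def parse_bcd(text):
    """Split bcdedit /enum output into a list of {element: value} dicts."""
    entries = []
    for block in re.split(r"\r?\n\s*\r?\n", text.strip()):
        lines = block.splitlines()
        if len(lines) < 2 or not lines[1].startswith("---"):
            continue  # not an entry (banner text, error message)
        entry, last = {"_type": lines[0].strip()}, None
        for line in lines[2:]:
            if line[:1].isspace() and last:  # continuation of a multi-valued element
                entry[last] += " " + line.strip()
                continue
            key, _, value = line.partition(" ")
            entry[key], last = value.strip(), key
        entries.append(entry)
    return entries

def integrity_check_findings(text):
    """Return (identifier, description, loadoptions) for entries that disable the check."""
    hits = []
    for e in parse_bcd(text):
        opts = e.get("loadoptions", "")
        # Substring match, so the article's DDISABLE_INTEGRITY_CHECKS spelling is caught.
        if "DISABLE_INTEGRITY_CHECKS" in opts.upper():
            hits.append((e.get("identifier"), e.get("description"), opts))
    return hits

if __name__ == "__main__":
    for ident, desc, opts in integrity_check_findings(SAMPLE):
        print(f"driver signing disabled: {ident} ({desc}) loadoptions={opts}")
```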