Microsoft is "raising the bar" and making major changes to how drivers are built and verified on Windows 11 — here are the important details

Microsoft has announced that it's making changes to how Windows drivers are built and signed, extending its new driver resiliency playbook beyond just anti-virus makers in an effort to ensure drivers are safe, secure, and more reliable.

The most important change is that going forward, signed drivers will have to meet a higher security and resiliency bar, passing many new certification tests. Microsoft also says that it expects to see a significant reduction in code that runs in kernel mode over the coming years, including drivers that deal with networking, cameras, USB, printers, storage, and more.

The company also says that Windows is gaining an expanded set of in-box drivers and APIs, which should allow OEM partners to replace their custom or proprietary kernel-level drivers with standardized Windows drivers, which should help stabilize the OS and also has the added benefit of less overall system bloat.

Here's the rundown of the changes being made to Windows drivers:

• Driver signing will require a higher security and resiliency bar with many new certification tests.
• We are expanding Microsoft-provided Windows in-box drivers and APIs so partners can replace many custom kernel drivers with standardized Windows drivers or move logic to user mode.
• Over the coming years, we expect a significant reduction in code that runs in kernel mode across driver classes such as networking, cameras, USB, printers, batteries, storage and audio.

Microsoft says that Windows will continue to support third-party kernel mode drivers, and that it will not limit partners from innovating where Windows doesn't have in-box drivers. Graphics drivers will continue to operate in kernel mode, for example.

"For kernel-mode drivers, we’re adding practical guardrails that improve quality and contain faults before they become outages. These include new mandatory compiler safeguards to constrain driver behavior, driver isolation to limit blast radius, and DMA-remapping to prevent accidental driver access to kernel memory."

These changes are designed to strengthen and stabilize the OS. Microsoft is obsessed with ensuring that third-party drivers aren't able to take down the OS, like the CrowdStrike driver did back in July 2024. These improvements should mean the OS is less bloated at a kernel level, while also being more stable.

Follow Windows Central on Google News to keep our latest news, insights, and features at the top of your feeds!