Lucky You, Microsoft has Sent You an Email! (Think Again). - Verifying the integrity of system and driver files

(Page 4 of 6 )

While there are a great number of security threats we should have in mind and try to avoid, it is reassuring to know that Microsoft has implemented appropriate mechanisms to ensure the integrity of system and driver files that we install on our computers.

Microsoft's approach to the subject is to digitally sign Windows device drivers and operating system files. By doing so, Microsoft assures their customers about the quality of the newly released files, meaning that the files have been tested exhaustively and they have not been altered since their creation. 

Windows includes the following features to ensure that the device drivers and system files you install remain in their original, digitally signed state:

• Windows File Protection
• System File Checker
• File Signature Verification

Windows File Protection

There is always the danger when installing new applications that you will replace important system files, causing failure to the operating system.

The Windows File Protection feature prevents other programs from replacing protected system files. It runs in the background and protects all the files installed by the Windows Setup program.

The line of operation of Windows File Protection is based on the file’s digital signature; the program uses the digital signature of the file to verify that it is the original with a correct Microsoft version. If the verification fails, Windows File Protection either replaces the file from the backup stored in the dll cache folder or from the Windows CD. In the case where the Windows File Protection cannot locate the specified file, it prompts you for the location. The file replacement attempt is written to the event log; so it is a good tactic to check over the event log frequently.

Microsoft distributes signed files through:

• Windows Service Packs
• Hotfix distributions
• Operating system upgrades
• Windows Update
• Windows Device Manager/Class Installer

In order to set the file signature verification options, you have to complete the following steps:

1. Click Start -> Control Panel ->System.
   
   
2. On the Hardware tab select Driver signing.
   
   
3. Under File signature verification click:
   
   
   
   1. Ignore to allow all device drivers to be installed on the computer, regardless of whether they have a digital signature.
      
      
   2. Warn to display a warning message whenever an installation program attempts to install a device driver without a digital signature; this is the default behavior for Windows.
      
      
   3. Block to prevent an installation program from installing device drivers without a digital signature.
      
      
      

Next: System File Checker >>
 

More Windows Security Articles
More By Eliana Stavrou

Comments On: Lucky You, Microsoft has Sent You an Email! (Think Again).

>>> Be the FIRST to comment on this article!