Windows 10 update sparks driver compatibility fears

Over-zealous verification checks designed to tighten security may block some older drivers

Two options shown on the Windows 10 start menu, reading "Update and shut down", or "Update and restart"

A cumulative Windows 10 update released as part of this week’s Patch Tuesday round of fixes may be causing incompatibility issues with certain versions of legitimate drivers.

The change Microsoft has implemented, as part of the update tagged KB4579311, aims to tighten up the verification standard in Windows 10 for driver software. This has been rolled out to minimise the chances of malware exploiting vulnerable or out-of-date drivers, and fully compromising systems.

Windows 10 will prevent users from applying driver updates if the operating system cannot verify the software publisher, displaying two error messages when this happens. Users will first be informed that Windows 10 cannot verify the driver software, and secondly that no signature was present in the subject. These errors suggest that Windows did not recognise the formatted catalogue file in the driver validation, Microsoft has disclosed, and that installation therefore won’t be successful.

While this measure has been introduced to prevent potentially vulnerable drivers from being installed on machines, and therefore heightening the risk of exploitation by malware, the tighter standards could hit legitimate software. Older versions of existing drivers, for example, may not pass the new checks.

Should users encounter these errors when attempting to update their drivers to legitimate software that cannot be verified, Microsoft has recommended that they contact the driver manufacturer. The only way around the glitch is for the device manufacturer to re-upload the driver, or provide a more up-to-date version of the software, in which the catalogue file is formatted correctly.

Microsoft released up to 87 security fixes as part of its routine Patch Tuesday updates yesterday, including fixes for 11 critical vulnerabilities. Among these was a ‘wormable’ remote code execution flaw affecting the TCP/IP component of Windows 10 and Windows Server 2019, rated 9.8 on the CVSS scale.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Security best practices for PostgreSQL

Securing data with PostgreSQL

Download now

Transform your MSP business into a money-making machine

Benefits and challenges of a recurring revenue model

Download now

The care and feeding of cloud

How to support cloud infrastructure post-migration

Watch now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Data belonging to 500 million LinkedIn users found for sale on hacker marketplace
hacking

Data belonging to 500 million LinkedIn users found for sale on hacker marketplace

8 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021