Passer au contenu principal
  • Passer des commandes rapidement et facilement
  • Afficher les commandes et suivre l’état de votre expédition
  • Créez et accédez à une liste de vos produits
Certains numéros d’article ont peut-être changé. Si ce n’est pas ce que vous recherchez, essayez de faire une recherche sur tous les articles. Rechercher des articles

The Signature of a Windows 10 Driver You are Trying to Install is Corrupt or Invalid

Résumé: Information about Dell Windows 10 Drivers.

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.

Symptômes

Windows 10 Driver Corrupt or Invalid

In September 2015, Dell was alerted to a change in code signing requirements Microsoft has implemented on Windows 10 Threshold 2 (TH2) version 1511 (Windows 10 November 2015 update). Effective January 1, 2016, Microsoft requires all driver files to be signed with the new SHA-256 certificate.

If a customer attempts to install a driver dated January 1, 2016 that doesn't have the SHA-256 certificate, they will encounter an error that indicates the signature of the chipset driver is corrupt or invalid. Dell Engineering has discovered that a limited set of drivers were published after January 1, 2016 without the SHA-256 certificate. Dell is working to quickly validate that all January 1, 2016 and newer drivers on the Dell Support Website (Dell.Com/Support) are correctly certified with the SHA-256 certificate to prevent this error. 

Cause

 

Résolution

All Dell drivers were updated to the SHA-256 certificate shortly after the beginning of 2016. If you should encounter this issue with a Dell driver, ensure that you have downloaded the most recent version of the driver. 

If you encounter a situation where the CURRENT driver presents this issue, download the previous revision of the driver (if one is available), these should be compliant with the previous certificate. To check for previous versions of a driver, open the download page of the current driver and scroll down the page. If there is a listing for "Other Versions", then there is a previous version available for download. (Figures 1 & 2)

SLN301022_en_US__1other-versions
Figure 1 - Other Versions Drop Down

SLN301022_en_US__2other-versions-1
Figure 2. - Drop down list of previous driver versions that are available.


Questions and Answers

Q: What systems are impacted?
A: All customers whose systems have Windows 10 are potentially impacted if they downloaded drivers that do not meet code signing requirements laid out by Microsoft.

Q: What are the new code signing requirements meant to protect against?
A: This is hardening against malicious software attempting to compromise or assume the identity of a certificate. This new code signing certificate is adding protection against a theoretical vulnerability.

Q: How is the user affected if they have drivers that do not meet the new code signing requirements?
A: The user will get an error that the cert is corrupt or expired.

Q: Can the vulnerability MSFT is trying to protect against be used for a phishing attack?
A: No, the nature of the attack is not phishing-related. It is protecting against software trying assume a certificates identity of trust.

Q: How many vendors are impacted?
A: This issue is industry-wide for PCs running Windows 10. Customers should verify their status with the vendor they purchased their system from or downloaded their drivers from.

Q: Is there a way to identify if one of my drivers is affected?
A: If a customer attempts to install a driver dated January 1, 2016 that doesn't have the SHA-256 certificate, they will encounter and error that indicates the signature of the chipset driver is corrupt or invalid.

Q: How does Dell learn about security vulnerabilities in its programs and products?
A: Dell has a robust product development and testing cycle that we are always improving and when we detect issues we work quickly to resolve them. In addition, we foster an open relationship with our customers and those in the security community so we can help protect our customers.

Q: Is this related to eDellRoot and DSDTestProvider vulnerabilities?
A: No, this issue is not related to the eDellRoot and DSDTestProvider certificate vulnerabilities identified in 2015.

Acknowledgments
Dell would like to thank Microsoft whose efforts help us protect customers through coordinated vulnerability disclosure and resolution.


 

Propriétés de l’article
Numéro d’article: 000146911
Type d’article: Solution
Dernière modification: 03 sept. 2021
Version:  4
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.