IndirectKmd.sys without signature

Davide 0 Reputation points
2023-05-02T11:45:12.42+00:00

Good morning,

I found the driver file "IndirectKmd.sys" hash "0B834E9FBD694680C7F5AF22864BDCF7347C83C3684FF9CC5350AC0880CC878F" that is unsigned.

How it is possible? Is this possible that the driver is distributed without a signature?

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,457 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. abbodi86 3,866 Reputation points
    2023-05-02T21:27:12.1666667+00:00

    Non boot-critical drivers are signed with security catalogs, not individual digital signature

    run this in Windows Powershell

    Get-AuthenticodeSignature C:\Windows\System32\drivers\IndirectKmd.sys | select *

    or use signtool.exe tool from Windows Driver Kit / Windows SDK

    signtool.exe verify /a /v C:\Windows\System32\drivers\IndirectKmd.sys

    0 comments No comments