systeminformer: Unable to load kernel driver service

Brief description of your issue

When enabling the kernel-mode driver, Process Hacker informs me that it was unable to load the driver service, as the service in question has apparently been removed and PH is unable to install it, even with CLI commands. This also happens with Sandboxie, so it’s likely that Microsoft changed something regarding drivers in the latest updates of Windows 11.

Steps to reproduce (optional)

Install latest updates from the dev channel on Windows 11. Enable kernel-mode driver kp

Expected behavior (optional)

The kernel-mode driver should work as it did on previous versions.

Actual behavior (optional)

As stated, the process is unable to be created and thus this function won’t work.

Environment (optional)

Process Hacker nightly, also tested on stable with same results.
Latest Windows 11 build from dev channel (OS Build 22563.1)

About this issue

  • State: closed
  • Created 2 years ago
  • Reactions: 3
  • Comments: 34 (8 by maintainers)

Most upvoted comments

  1. Open regedit
  2. Navigate to HKLM\System\CurrentControlSet\Control\CI\Config\
  3. Create a new DWORD named VulnerableDriverBlocklistEnable and set to 0
  4. Reboot

You can create a certificate to sign a driver for use on your own machine; this is what I meant by “signing the driver manually”.

Microsoft is testing updates on the Windows 11 Insider branch that currently prevent developers/security researchers from compiling the driver source and debugging it with test signing. If you’re trying to compile the source code and debug the driver with self-signed test certificates, then you need to change this string to bypass those checks: https://github.com/processhacker/processhacker/blob/3e80de2bd64f70b7ec4bde085eea81c3e0f3ff77/KProcessHacker/resource.rc#L23

Is turning this option off:

[image]

the same as the fix:

  • Open regedit
  • Navigate to HKLM\System\CurrentControlSet\Control\CI\Config\
  • Create a new DWORD named VulnerableDriverBlocklistEnable and set to 0
  • Reboot
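
To check whether a machine currently has the registry workaround from the steps above applied, the following PowerShell reads the value and reports its state. This is an added example, not part of the original thread or the Process Hacker project; the function name and state labels are hypothetical, and treating any non-zero DWORD as enabled is an assumption.

```powershell
# Added example: audit the registry value discussed in the thread.
function Get-VulnerableDriverBlocklistState {
    [CmdletBinding()]
    param(
        # Key path and value name are the ones given in the thread.
        [string]$Path = 'HKLM:\System\CurrentControlSet\Control\CI\Config',
        [string]$Name = 'VulnerableDriverBlocklistEnable'
    )

    $state = 'NotConfigured'   # value absent: whatever the OS default is applies
    $data  = $null
    $kind  = $null

    $key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $key) {
        $state = 'KeyMissing'
    }
    elseif ($key.GetValueNames() -contains $Name) {
        $kind = $key.GetValueKind($Name)
        $data = $key.GetValue($Name)
        if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
            $state = 'UnexpectedType'   # the thread specifies a DWORD
        }
        elseif ($data -eq 0) {
            $state = 'Disabled'         # the setting from the thread's workaround
        }
        else {
            $state = 'Enabled'          # assumption: any non-zero DWORD counts as on
        }
    }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Path     = $Path
        Name     = $Name
        Kind     = $kind
        Data     = $data
        State    = $state
    }
}

$result = Get-VulnerableDriverBlocklistState
$result | Format-List
if ($result.State -eq 'Disabled') {
    Write-Warning "$($result.Name) is 0: the driver blocklist is turned off on this machine."
}
```

The value is read at the time the script runs; the thread's steps include a reboot, so a changed value may not yet match what the running system enforces.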