O'Reilly logo

Windows Vista Security: Praxisorientierte Sicherheit für Profis by Marcus Nasarek

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

138
|
Chapter 5: Customizing Your Computer’s Hardware Devices
The driver information file specifies the basic configuration settings for the HAL and
identifies any source or linked library files that the device should use. Source files
have the .sys extension. Linked library files have the .dl extension. Some drivers also
have associated component manifest (component.man) files. Component manifest
files are written in eXtensible Markup Language (XML). They include details on the
driver’s digital signature and can include Plug and Play information used by the
device to configure itself automatically.
All drivers installed on the operating system have a source .sys file in the
%SystemRoot%\System32\Drivers folder. Within the Drivers folder, you’ll find sub-
folders with localized driver source files for each language component configured on
the system. For example, for localized U.S. English driver source files, you’ll find a
subfolder called en-US.
Following this, the key folders used with drivers on a computer localized for U.S.
English are:
%SystemRoot%\System32\DriverStore
%SystemRoot%\System32\DriverStore\en-US
%SystemRoot%\System32\DriverStore\FileRepository
%SystemRoot%\System32\Drivers
%SystemRoot%\System32\Drivers\en-US
When you install a device driver, the driver is written to a subfolder of
%SystemRoot%\System32\Drivers and configuration settings are stored in the regis-
try. The driver’s .inf file is used to control the installation and write the registry set-
tings. If the driver doesn’t already exist in the driver store, it does not already have an
.inf file or other related files on the system. In this case, the driver’s .inf file and other
related files are written to a subfolder of %SystemRoot%\System32\DriverStore\
FileRepository when you install the device.
How Does the Operating System Validate Device Drivers?
Microsoft validates drivers using compatibility testing. Every device driver in the
driver store is included because it passed extensive testing by the Windows Hard-
ware Quality Lab. Once a device driver has been tested, Microsoft makes it possible
to authenticate drivers by digitally signing them to prevent them from being tam-
pered with. Because any changes to a signed driver void the digital signature, you can
be sure that any device driver digitally signed by Microsoft is valid and authentic.
Further, any device driver with a valid digital signature signed by Microsoft should
not cause your system to crash or become unstable.
Drivers can also be digitally signed by their manufacturers. When a manufacturer
digitally signs a driver, the manufacturer is giving proof of the driver’s authenticity
but not necessarily that it is 100 percent compatible with Windows Vista. Still, as

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required