When you install software, your PC often knows who made it — not because the software says so, but because of a digital signature. For kernel drivers, that signature is not optional.
What code signing is
Code signing attaches a digital signature to a piece of software using a certificate issued to a developer. The signature does two things: it identifies who published the software, and it proves the file has not been altered since it was signed. If even one byte changes afterwards, the signature no longer matches. It is a tamper-evident seal with a name on it.
Why drivers especially must be signed
Ordinary applications run with limited permissions, but a driver runs in the kernel, with full control of the system. Malicious code at that level is catastrophic. Because of this, modern Windows requires kernel-mode drivers to be signed — and signed in a way it specifically trusts. Unsigned kernel code is, by design, very hard to load. The rule exists because the kernel is exactly where you least want unknown code.
What this protects against
Driver signing raises the bar for attackers and for cheats alike. A kernel-level cheat needs kernel-level code, and kernel-level code needs to satisfy the signing requirement. That is a real obstacle — it means a cheat cannot simply load an arbitrary driver. The same requirement is why legitimate anti-cheats invest in properly signed drivers.
Where the model can fail
Signing is not perfect. A signed driver is trusted because of who signed it and because it is unmodified — but it is not automatically safe. A legitimately signed driver that contains a vulnerability is still signed, and attackers have abused exactly that: taking a real, signed-but-flawed driver and using it as a tool. Signing proves origin and integrity; it does not prove the code is well-written.
The takeaway
Code signing proves where software came from and that it has not been tampered with, and Windows requires it for kernel drivers because the kernel is the highest-stakes place to run code. It is a strong protection — but its limit is real: a signature vouches for origin and integrity, not for the absence of flaws.