A kernel driver runs at Ring 0, the highest privilege level on Windows. A buggy or malicious driver can do anything — reformat the disk, leak data, install a rootkit. People are right to be wary.
HWIDChanger DOES NOT ship a kernel driver. We operate entirely from user mode through legitimate Windows APIs (NDIS, registry, WMI, DXGI). The risk profile is the same as any signed user-mode utility.
Some competitor utilities ship their own kernel drivers, often unsigned or with a leaked code-signing certificate. We strongly recommend against them. Microsoft routinely revokes such certificates, and a revoked driver can boot-loop your machine.
If you absolutely need a kernel-level operation (e.g. TPM EK rewrite — not supported by us), use only signed drivers from trusted vendors and after carefully reading the code. Trust no "free utilities" from unknown forums.
Our roadmap remains user-mode only. We'd rather give you fewer features at less risk than offer more capability with a non-trivial chance of bricking your system.