Microsoft is isolating Windows 10 third-party drivers to improve stability and security
Drivers are very important to the operating system. The operating system needs drivers to connect to software or hardware and provide higher operating permissions.
However, the driver may also be the cause of the security and stability of the operating system. After all, the quality of the drivers developed by third-party hardware manufacturers is not uniform.
Microsoft has complained about this kind of driver before and said that many problems in Windows 10 are caused by the driver. Now Microsoft is ready to change this situation.
Currently, in Windows 10, the drivers are placed in the DriverStore folder, which includes both the drivers released by Microsoft and third-party drivers.
In Windows 10 Insider Preview, Microsoft added an OEMDRIVERS folder in the system directory, which is specifically used to store manufacturer drivers.
Presumably, the reason why Microsoft separated the OEM driver from the system driver should be based on security and stability considerations, that is, to improve system stability.
For example, after the separation, Microsoft can provide higher permissions for the system core driver, while the OEM version of the driver can provide the necessary basic permissions.
At the same time, the OEM version of the driver can be sandboxed and directly isolated from the host computer, which can also reduce potential security problems caused by the driver.
After all, many drivers have vulnerabilities and the manufacturer’s technical defects are sometimes not fixed in time. It is more convenient for Microsoft to manage after isolation.
At present, these improvements are only tested in the Windows 10 Insider Preview. Of course, these improvements can be regarded as part of the Sun Valley project and will be officially launched in the fall.
What needs to be emphasized is that the Sun Valley project not only includes changes in the appearance of Windows 10 but also includes improvements to built-in applications and some system options.
As for whether the isolation of third-party drivers is effective, it still needs to be observed. After all, Microsoft is only performing isolation and not executing the driver through the sandbox.
And Microsoft did not give a detailed description of this function, but according to our guess, Microsoft should soon release relevant supporting documents explaining such improvements.
Via: windowslatest