Hi hivemind, I am working on a WFP driver project, and looked into Windows driver samples in the github. I understand all the kernel mode drivers need signing, but when I try to run WFPSampler.exe, a user mode application, it just cannot run, with the error “code integrity determined that the image hash of a file is not valid” in the auditing logs. If I sign this application with a test cert, everything works. What I don’t understand is why this very user mode application needs signing. I couldn’t find an explanation in the internet. Thank you folks. Hao
If you build an executable with the /INTEGRITYCHECK flag to the linker, it will not run unless it is signed. You should be able to adjust the properties in Visual Studio or in the vcxproj to eliminate that.
@Tim_Roberts said:
If you build an executable with the /INTEGRITYCHECK flag to the linker, it will not run unless it is signed. You should be able to adjust the properties in Visual Studio or in the vcxproj to eliminate that.
Thank you very much, never thought the answer is so simple, struggled with this issue for a long time