How to start in windows 11 device drivers development

c2c5 · August 7, 2025, 5:41am

Hello,
Programming the Microsoft Windows Driver Model 2003 is old or it's still effective?
I need to learn how to dev device drivers for researching, Is the book worked perfect in Windows 11?

Thanks

Tim_Roberts · August 7, 2025, 10:34pm

No. No one should be programming in the Windows Driver Model today. The Windows Driver Framework (KMDF, UMDF) was introduced in 2005 and is the preferred choice in almost every case.

If you tell us what kind of driver you'll be writing, we can offer better advice. If this is for work, taking one of the OSR classes is probably the best starting place.

c2c5 · August 8, 2025, 2:09am

Thanks for your reply, I'm a Security Researcher and need to learn windows kernel programming for research and discovering vulnerabilities in windows kernel and device drivers.
What's the best choice for that?
And for OSR classes, is there's like a class for my situation?

Tim_Roberts · August 9, 2025, 2:30am

I don't know how you "get started" in that field. Usually, you start out as a kernel expert and use that knowledge to move into security.

Given what you say, perhaps the WDM book would be an OK start. KMDF and UMDF are both wrappers around WDM, which actually is the low-level interface to the kernel.

No one is going to teach about Windows vulnerabilities. If you want to learn how kernel programming should be done, then the OSR classes would be a good investment of your time.

Mark_Roddy · August 9, 2025, 2:44pm

The relevant books start with the latest edition of Windows Internals.

You should study the file system mini filter samples from Microsoft on GitHub. Also research registry filters, process and module load callbacks, and network filters.

MrC64 · August 21, 2025, 7:09pm

c2c5: I took the OSR classes live online, and they were all great! Both Peter and Scott are fantastic teachers.

I think for your case you can start with the Windows Internals & Software Drivers, and then take the mini-filters seminar: Developing File System Minifilters for Windows.

If you take those seminars, I'm sure you'll love them! Concepts are explained very well, clearly; one of the great things is that you'll start from a high-level architectural overview, and then progressively you will deep-dive into C code, discussing various technical details and best practices. These OSR seminars are really top quality!