OSR Developer Community

Is `PnpLockdown = 1` mandatory for minifilterdriver signing?

Keiko_Chou May 16, 2025, 10:38am 1

Hi All,

I may have missed something, but is specifying PnpLockdown=1 now mandatory for signing a minifilter driver? I started seeing the error message since May 13rd but never saw this before.

Error 1324 in xxx.Inf, line 3 : [Version] section should specify PnpLockdown=1 to prevent external apps from modifying installed driver files.

Failed INF validation. INF did not pass Desktop validation.

Thanks

Dejan_Maksimovic May 17, 2025, 8:06am 2

I thought it was mandatory for years now.
Had it for quite a few in my INFs, due to this.

Scott_Noone_OSR May 17, 2025, 3:02pm 3

If you set your target platform to Universal instead of Desktop then this should just be a warning instead of an error (Project Properties->Driver Settings->Target Platform).

Though setting PnpLockdown is generally just good hygiene at this point.