We are having an issue loading our driver in safe mode on win11 24h2.
The call to NtLoadDriver returns 0xc000035f STATUS_NOT_SAFE_MODE_DRIVER
The safe boot registry is properly set.
The driver is co signed with our and microsoft certs and loads fine in safe mode on previous versions, including win 11 prior to 24h2. We even attempted to sign it exclusively with microsofts cert, but it still won't load
I couldn't find any documented change or guideline into how to properly sign or load a driver in safe mode on win11 24h2
Any help or direction would be greatly appreciated!
I've managed to solve the issue.
The issue we had is that on earlier versions of windows the name of the driver SERVICE entry (under Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services) was acceptable as name of the safe boot driver load (the key created in Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot)
It seems that some change in Windows 11 24H2 changed this, and now the driver FILE name must be used in the safe boot registry key for the driver to be safe boot loadable, in our case the name of the service and file were different.
Hopefully this helps anyone running into the same issue!