Intel® NUCs
Support for Intel® NUC products
Announcements
This community is designed for sharing of public information. Please do not share Intel or third-party confidential information here.
11886 Discussions

NUC Intel Graphics Drivers Using Invalid Digital Signing Certificate

idata
Community Manager
‎02-03-2018 07:01 PM
2,026 Views

In Security Mitigation events found in Windows Event Viewer there are events recorded for DLL's related to Intel Graphics stating that they are not signed properly. At the moment these are still allowed to be loaded as 'Code Integrity Guard' in Windows Defender Security Centre https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/customize-... Exploit Protection is currently only set to 'Audit' mode for svchost.exe (the default Windows 10 setting) rather than enabled fully.

The Windows Hardware Developer Portal certificates for the DLL's are OK and signed by Microsoft with SHA256 certificates (signed on 20 October 2017), however the Intel certificates don't have a valid root certificate. The root certificate is iKGF_AZSKGFDCS (issued by "Microsoft Digital Media Authority 2005"), which isn't a valid root certificate. The Intel leaf certificates also aren't time-stamped.

The two DLL's that are flagged in Event Viewer are as follows, however there are other Intel DLL's in System32 that are signed the same way.

  • Process '\Device\HarddiskVolume4\Windows\System32\svchost.exe' (PID 2356) would have been blocked from loading the non-Microsoft-signed binary '\Windows\System32\igdusc64.dll'. (Unified Shader Compiler for Intel(R) Graphics Accelerator)

  • Process '\Device\HarddiskVolume4\Windows\System32\svchost.exe' (PID 2356) would have been blocked from loading the non-Microsoft-signed binary '\Windows\System32\igd10iumd64.dll'. (User Mode Driver for Intel(R) Graphics Technology)

Is there a reason why these aren't signed by Intel using a proper trusted root certificate?

Screenshot of one of the Event Viewer entries:

 

Screenshot of igdusc64.dll File Properties:

 

Screenshot of igdusc64.dll leaf certificate details:

 

Screenshot of igdusc64.dll root certificate details:

 

Screenshot of Intel Graphics Driver properties:

--------------------------------------------------------

NUC - NUC5i7RYH

 

Windows 10 Pro - 16299.214

 

Drivers supplied via Windows Update
Preview file
35 KB
Preview file
38 KB
Preview file
147 KB
Preview file
48 KB
Preview file
28 KB
0 Kudos

Link Copied

6 Replies
idata
Community Manager
‎02-05-2018 11:44 AM
710 Views

Hello Dapaul,

 

 

Thank you so much for contacting us.

 

We received your thread and I understand that you are having issues with our latest Intel drivers for your Intel NUC5i7RYH.

 

Please accept our apologies for the inconvenience that this could be causing.

 

All the information attached to the account was extremely helpful.

 

 

We are currently performing further research about the issue that you have been experiencing in order to provide you with a more accurate answer regarding the problem.

 

This may cause a brief delay on our replies; I really appreciate your patience.

 

 

As soon as we have the results I will share the resolution with you.

 

 

Hope to hear from you soon.

 

 

Best regards,

 

Diego S.

 

0 Kudos
Copy link
idata
Community Manager
‎02-13-2018 10:03 AM
710 Views
In response to idata

Hello Dapaul,

 

 

Thank you for your patience.

 

I just wanted to inform you that we are reviewing your case.

 

As soon as I have an answer I will get in touch with you.

 

 

Best Regards,

 

Diego S.
In response to idata
0 Kudos
Copy link
idata
Community Manager
‎02-13-2018 02:27 PM
710 Views
In response to idata

Hi Diego

That's fine. Thanks for keeping me informed.

In response to idata
0 Kudos
Copy link
idata
Community Manager
‎05-10-2018 07:53 AM
710 Views
In response to idata

Hello Dapaul,

 

Thank you for your patience, we really appreciate it.

 

We have released a new 15.40 driver, version 15.40.38.4963 that has gone through WHQL (Windows Hardware Quality Labs) thus there should be no issue with the .dll signatures.

 

Can you go ahead please perform an update and then let us know the outcome?

 

Here is the direct download link:

 

https://downloadcenter.intel.com/download/27780

 

I hope to hear from you soon.

 

Best Regards,

 

Diego S.

 

In response to idata
0 Kudos
Copy link
idata
Community Manager
‎05-15-2018 08:48 AM
710 Views
In response to idata

Hello Dapaul,

 

I was checking your case, and I just wanted to know if there is anything else that we can do for you at this time.

 

Please do not hesitate on replying back if you need more assistance.

 

Best Regards,

 

Diego S.

 

In response to idata
0 Kudos
Copy link
tm-go
Beginner
‎06-01-2022 05:53 AM
78 Views

Hi-

 

 This problem is still present (as of 06/01/2022). Yesterday I downloaded Intel graphics drivers (igfx_win_101.1994.exe) from Intel's site (which arrived with the same problem) and today Windows Update downgraded the driver version; however, I ended up with the same problem. Why is this difficult to get right on your side? Thanks

From the Event Log (Applications and Services Logs->Microsoft->Windows->CodeIntegrity->Operational):

Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0c2fb894eee0c51f\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Certificate issueCertificate issueDriver versionDriver version

0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.