
Windows 7: What is the difference between turning testsigning on and disabling integrity check


To disable KMCS in Windows 7 64-bit, what is the difference between

  • bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
  • bcdedit.exe -set TESTSIGNING ON

Are both necessary or either one to load unsigned drivers?

Thanks for your help - Daniel


Solution

  • Test signing only concerns KMCS, while integrity checks are about the broader, more general code integrity (and they would also run on the 32-bit version).

    The long story short is that while the former just takes care of enforcing the certificate rules, the latter is an absolute assload of self-integrity tests, reciprocal checks between the OS loader and the boot manager and last but not least boot files verification.

    It is there that they do partially overlap, but of course there is more than just boot-start drivers (and even there, while surely every properly signed image is still a valid binary too, not all .sys files with a correct checksum will necessarily have a WHQL signature or similar - if at all).

    I'm just unsure on the minutiae of disabling CI. Like, even with that I believe unsigned drivers still wouldn't be allowed (only testsigned ones if any). So, is it just a remnant of some Vista RTM days guide, or was it a requirement for DSEO and friends?
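
An audit sketch for the two settings discussed in this thread, added here as an example and not part of the original question or answer: it parses `bcdedit /enum` text and reports every boot entry where test signing or an integrity-check override is configured. The sample output is constructed, English-language output is assumed, and the `nointegritychecks` element is checked in addition to the two commands quoted in the question.

```python
import re

# Constructed sample of `bcdedit /enum` output (not captured from a real host).
SAMPLE = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
loadoptions             DDISABLE_INTEGRITY_CHECKS
testsigning             Yes
nx                      OptIn
"""

RULE = re.compile(r"-{3,}")  # dashed line printed under each entry heading


def parse_entries(text):
    """Return [(heading, {element: value})] for each boot entry in the output."""
    entries = []
    lines = [l.rstrip() for l in text.splitlines()]
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if line.strip() and RULE.fullmatch(nxt):
            entries.append((line.strip(), {}))      # heading precedes the rule
        elif (entries and line.strip() and not line[0].isspace()
              and not RULE.fullmatch(line)):        # skip rules/continuations
            key, _, value = line.partition(" ")
            entries[-1][1][key.lower()] = value.strip()
    return entries


def audit(text):
    """Return [(identifier, element, value)] for signing-related overrides."""
    findings = []
    for heading, elems in parse_entries(text):
        ident = elems.get("identifier", heading)
        for name in ("testsigning", "nointegritychecks"):
            if elems.get(name, "").lower() == "yes":
                findings.append((ident, name, elems[name]))
        # Substring match also catches the DDISABLE_ spelling from the question.
        if "DISABLE_INTEGRITY_CHECKS" in elems.get("loadoptions", "").upper():
            findings.append((ident, "loadoptions", elems["loadoptions"]))
    return findings
```

Feed it the saved output of `bcdedit /enum` from each host; an empty list means none of the three elements is set on any entry.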