Windows 10 to get a dedicated OEMDRIVERS folder

Microsoft is adding a dedicated OEMDRIVERS folder to Windows 10 that will be used to store third-party drivers.

Since Windows Vista, the operating system has included a folder called %SystemRoot%\System32\DriverStore that is used to hold validated drivers for the operating system.

To prevent tampering of hardware drivers, Windows only allows the installation of drivers located in the DriverStore. Before a driver is added to the DriverStore the operating system will first verify its digital signature to confirm it has not been maliciously modified.

In current versions of Windows 10, all drivers, whether they be Microsoft or third-party drivers, are stored together in the DriverStore.

It appears this is about to change as Windows hacker Albacore has discovered a hidden feature in the Windows 10 21H2 preview build 21343 that creates a dedicated folder for third-party drivers.

A dedicated OEMDRIVERS folder

This feature is called ‘Writeable_DriverStore,’ and when enabled, will cause Windows 10 to migrate all third-party drivers to a dedicated OEMDRIVERS folder when a new version of the operating system is installed.

This folder is located under C:\Windows\OEMDRIVERS rather than the C\Windows\System32 folder where the current DriverStore is located.

New Windows 10 OEMDRIVERS folder

For this feature to work, it must be enabled before the first boot of a new version of Windows 10. Once it is enabled and the new version is installed, Windows 10 will automatically migrate external drivers to the OEMDRIVERS folder.

“Can confirm that by enabling it ASAP all driver installations are redirected. Here’s a fresh 21343 VM with the feature enabled before 1st boot: both inbox printing extras and VMware tools drivers are now in OEMDRIVERS,” Albacore tweeted while sharing the following image of the moved drivers.

Drivers migrated by new Windows 10 feature

While this feature will not have an outward benefit to users, it allows Microsoft to move third-party libraries outside of the C:\Windows\System32 folder.

The C:\Windows\system32 folder has always been meant to store only the trusted files necessary for the operating system to function.

Unfortunately, it has also become a location where non-Microsoft developers host their own executables and drivers over the years.

By moving third-party files outside of System32, it could allow Microsoft to further tighten the folder’s security, and thus the operating system itself.

Source: BleepingComputer