Software Deployment

A signed driver is basically a digitally signed driver, which means that the driver software is associated with a digital certificate that allows identification of the publisher of the driver. It also ensures that the driver has never been modified by anyone else, as that would corrupt the signed status and make it unsigned.

So using a signed driver will ensure that Windows can automatically install the driver and prevents malicious software to be installed along with the driver. Considering that drivers operate at a very high security level in the operating system, it is very important to use safe drivers.

Windows Vista, Windows 2008 server and Windows 7 already enforce unsigned drivers to be installed using administrator level access, but how can you know for sure that an unsigned driver is safe?

Well, you cannot really. So always make sure that your security software is up to date and active, and make a backup or create a system restore point before you make any changes to your system, especially when installing device drivers.

http://www.microsoft.com/whdc/winlogo/drvsign/drvsign.mspx

By default, unsigned drivers will not automatically install - meaning you'll need elevated rights to install them if your users are not local administrators. Unsigned drivers aren't functionally limited or anything, they are just a bigger pain to deal with because they haven't been digitally signed by the developer. It's similar to an unsigned SSL certificate - it still does the job, you'll just get a bunch of security warnings.