Stop Windows from installing drivers for specific devices
Windows may install drivers for select devices, say the graphics card, under certain circumstances. This happens by default for instance when the device is setup, but may also happen when Microsoft pushes driver updates through Windows Updates.
We published a tutorial -- How to disable driver updates from Windows Update -- previously that highlights three methods to block Microsoft from installing device drivers through Windows Update.
If you need to reinforce the protection, for instance because a Windows Update reset the settings you configured using the previous guide, then you may find this tutorial particularly useful.
It may also be useful if you don't mind the driver installation for some devices, but need to block it for others. If you use a custom color profile for your video card for instance, you may not want Microsoft driver updates for the video card to erase that each time that happens.
Block driver installations for specific devices
The following method requires access to the Group Policy Editor on Windows. This is reserved to professional versions of Windows. Also, the policy works on all versions of Windows from Windows Vista to Windows 10.
The process will block any driver installation or update for the specified devices, and it has priority over any other setting related to the installation of device drivers on Windows.
You need to make sure that the desired driver is installed. If that is the case, great, head over to the second step of the process.
If the Windows driver is installed currently do the following:
- Download the device driver that you want to install.
- Disconnect the PC from the Internet. You may disconnect the Ethernet cable, disable WiFi, or use a program like Net Disabler or Turn Internet Off.
- Open the Windows Device Manager:
- Tap on the Windows-key on the keyboard, type devmgmt.msc, and hit the Enter-key.
- Locate the device in the device listing, right-click on it, and select properties from the context menu.
- Switch to the Drivers tab.
- The next step depends on the Windows version. On Windows 7, you'd select uninstall to uninstall the driver. On Windows 10, you can only select "uninstall device" instead.
- Install the driver that you want used on the Windows machine after the Windows driver has been removed.
Look up the hardware ID
- You need to launch the Device Manager again if it is closed already. Instructions on how to do so are found under 3 above.
- Locate the device again, and select Properties from the context menu.
- Switch to the details tab afterwards.
- Select Hardware IDs from the menu at the top.
- Right-click on the ID, and select Copy from the context menu to copy it to the Windows Clipboard.
Block Driver installations on Windows for that particular device
Here is how you block the installation of drivers for specific devices based on the device's hardware ID:
- Tap on the Windows-key, type gpedit.msc, and hit the Enter-key. This opens the Group Policy Editor on Windows.
- Go to Computer Configuration > Administrative Templates > System > Device Installation > Device Installation Restrictions.
- Double-click on "Prevent installation of devices that match any of these device IDs".
- Switch the status of the preference to enabled.
- Click on the show button afterwards.
- Add hardware IDs for the devices that you don't want Windows to update under value (in each row one device). You can add plug and play hardware IDs or compatible IDs. Note that one hardware ID is enough, you don't need to add all that are listed.
- Click ok once you are done.
This policy setting allows you to specify a list of Plug and Play hardware IDs and compatible IDs for devices that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device.
If you enable this policy setting, Windows is prevented from installing a device whose hardware ID or compatible ID appears in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
If you disable or do not configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings.
Further information is provided by Microsoft on the company's Technet website.
You can reconnect the device to the Internet at this stage. Windows should from now on ignore the device when it comes to driver updates.
Note that this prevents the installation of driver updates from any source, and that you need to repeat the process above to update drivers.
Why didn’t I know that you can ‘block the installation of drivers for specific devices’ with the Group Policy Editor? Jeez! Thank You Sir!
So much pain and torture to avoid automatic driver install – something you could easily do from Windows 95 to 8.1. Just ignore Windows 10 until the MS CEO is changed again for incurring losses on the More Personal Computing division.
Windows 10, not your operating system anymore.
Technically speaking Windows has never been customers operating system as we only ever licensed it from Microsoft.
Yeah, but who believes in “technicals”. It’s all about CONTROL now, or lack thereof…
Yeah except until windows 10, windows was never used to directly make revenue from its own user base. That is the difference, before windows 10, windows was used to make revenue from selling windows.
A few years ago there was an update for my USB3 adapter & I thought it would improve so let it install. This crashed my computer & would no longer boot. That was the last time I allow any driver updates.
My macrium backup saved the day. Up & running in 20 minutes. I love macrium & it’s free.
Thank you for this. I’ve had trouble with WIndows 10 for weeks now. After installing a recent update I have internet and video playback issues. For now I changed my wifi connection to “metered” to prevent any updates from installing, but with these steps I can get the updates that won’t screw up performance.
This is a good and useful tip, a pity MS made this senseless usability downgrade from previous Windows editions.
You should note that if you set the policy back to “Disabled” or “Not Configured”, all of your device ID entries will be instantly gone and you’ll have to enter them again. How cool is that?
I have a Vaio laptop for secondary use where the gfx is a little wonky and every single windows update ends up in permanently booting to a black screen. Have to have updates disabled and then manually update every 6months or something and have to fix it via safe mode/uninstall driver and works till next time I update. FFS Microsoft can’t just let us actually easily select “don’t update drivers for this part”.
is it possible somehow (i’m confused how policy editor do exactly the opposite of what i need) prevent installation of any USB mass storage device except any of the devices listed somehow somewhere?
it will be usefull for example to prevent the use of any USB sticks but a certain kind of a certain supplier we known to be safe.
Thank you very much the solution worked for disabling the built in keyboard of my laptop.
I had to disable it because it would type random characters
Is there way to prevent uninstalling this selected and installed driver? Windows notices there is a “better driver”, uninstalls my driver, then applies this policy and does not install any driver.
Logitech camera, I need generic video driver.
That was been very useful, thanks alot!
But I have not found policy to prevent driver uninstall.
It says: I want to change this driver. Kill the old driver. Then: ops, I can not install drivers for this device, it is forbidden by policy, sorry.
Any ideas of how to do this for those without group-policy, like “Home edition of windows 10”.
Try “mmc gpedit.msc” in the “Run” window (“Window Key + “R”) or, try this link: https://www.itechtics.com/easily-enable-group-policy-editor-gpedit-msc-in-windows-10-home-edition/ (found this on google after searching for “install gpedit.msc windows 10 home”)
Somehow, I do not see the “Device Installation” folder in “Computer Configuration > Administrative Templates > System”, in the group policy editor. Any thoughts ?
W10 (18363.1016 Enterprise) is still trying to install old intel uhd 620 drivers. I’ve tried all 4 different hardware ID’s associated with it and somehow windows still decides it wants to try and install old outdated drivers. I ended up just blocking the driver update with the wushowhide utility.
Easy and simple way to get rid of that annoying installation sounds every time my pc boots!
Even if everything is working fine on my pc, a sound of driver installation is always present at every boot… and as long I cannot give device manager a path to the proper driver I’m forced to apply this method!
We have 2 older Epson Claria 6-ink printers that have been working fine for years. Periodically, Microsoft AND Apple push an upgrade in the middle of the night and “helpfully” update the Epson drivers. After that, both printers print washed-out useless prints. I learned a while back to go back to the original install CD and re-install the perfectly good original drivers, but not until I’ve wasted expensive paper and ink, because I keep forgetting that it’s not the printer causing the problem.
The fact that both Microsoft and Epson are doing this at more-or-less the same time is disconcerting, making me think Epson (who no longer makes or supports these older 6-color printers) is illegally colluding with both Microsoft and Apple to disable our perfectly good printers, and force us to buy the latest pricy Epson models and really, really, expensive 8-color ink cartridges.
I will now attempt to configure the settings so the annoying Epson driver “upgrade” is blocked on both the Mac and PC printers and cross my fingers that I can end this annoying nightmare. Thank you for your advice!
thanks a bunch, ive been looking for a way to do this