Stop Windows from installing drivers for specific devices
Windows may install drivers for select devices, say the graphics card, under certain circumstances. This happens by default for instance when the device is setup, but may also happen when Microsoft pushes driver updates through Windows Updates.
We published a tutorial -- How to disable driver updates from Windows Update -- previously that highlights three methods to block Microsoft from installing device drivers through Windows Update.
If you need to reinforce the protection, for instance because a Windows Update reset the settings you configured using the previous guide, then you may find this tutorial particularly useful.
It may also be useful if you don't mind the driver installation for some devices, but need to block it for others. If you use a custom color profile for your video card for instance, you may not want Microsoft driver updates for the video card to erase that each time that happens.
Block driver installations for specific devices
The following method requires access to the Group Policy Editor on Windows. This is reserved to professional versions of Windows. Also, the policy works on all versions of Windows from Windows Vista to Windows 10.
The process will block any driver installation or update for the specified devices, and it has priority over any other setting related to the installation of device drivers on Windows.
You need to make sure that the desired driver is installed. If that is the case, great, head over to the second step of the process.
If the Windows driver is installed currently do the following:
- Download the device driver that you want to install.
- Disconnect the PC from the Internet. You may disconnect the Ethernet cable, disable WiFi, or use a program like Net Disabler or Turn Internet Off.
- Open the Windows Device Manager:
- Tap on the Windows-key on the keyboard, type devmgmt.msc, and hit the Enter-key.
- Locate the device in the device listing, right-click on it, and select properties from the context menu.
- Switch to the Drivers tab.
- The next step depends on the Windows version. On Windows 7, you'd select uninstall to uninstall the driver. On Windows 10, you can only select "uninstall device" instead.
- Install the driver that you want used on the Windows machine after the Windows driver has been removed.
Look up the hardware ID
- You need to launch the Device Manager again if it is closed already. Instructions on how to do so are found under 3 above.
- Locate the device again, and select Properties from the context menu.
- Switch to the details tab afterwards.
- Select Hardware IDs from the menu at the top.
- Right-click on the ID, and select Copy from the context menu to copy it to the Windows Clipboard.
Block Driver installations on Windows for that particular device
Here is how you block the installation of drivers for specific devices based on the device's hardware ID:
- Tap on the Windows-key, type gpedit.msc, and hit the Enter-key. This opens the Group Policy Editor on Windows.
- Go to Computer Configuration > Administrative Templates > System > Device Installation > Device Installation Restrictions.
- Double-click on "Prevent installation of devices that match any of these device IDs".
- Switch the status of the preference to enabled.
- Click on the show button afterwards.
- Add hardware IDs for the devices that you don't want Windows to update under value (in each row one device). You can add plug and play hardware IDs or compatible IDs. Note that one hardware ID is enough, you don't need to add all that are listed.
- Click ok once you are done.
This policy setting allows you to specify a list of Plug and Play hardware IDs and compatible IDs for devices that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device.
If you enable this policy setting, Windows is prevented from installing a device whose hardware ID or compatible ID appears in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
If you disable or do not configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings.
Further information is provided by Microsoft on the company's Technet website.
You can reconnect the device to the Internet at this stage. Windows should from now on ignore the device when it comes to driver updates.
Note that this prevents the installation of driver updates from any source, and that you need to repeat the process above to update drivers.