neowin[.]net/news/microsoft-is-changing-a-windows-kernel-policy-thats-been-around-for-decades/
For almost everyone this will be a non-event. However, this is Microsoft after all, a company that struggles to produce monthly updates that don't break things. It *should* be perfectly safe, since the new policy will launch in evaluation mode, plus use a list of old but good drivers that will be allowed. And tightening up on drivers is a good thing, since using old drivers with vulnerabilities is a favorite tactic used by malware campaigns. But, if something breaks and it's potentially driver related, this new policy would be a good place to look if/when trying to find a fix.
Starting from April 2026, the Windows kernel will only accept drivers that have been signed through its Windows Hardware Compatibility Program (WHCP). However, for compatibility reasons, Microsoft will still maintain an explicit allow list that will allow the kernel to load old, but reputable, drivers vetted through the cross-signed root program.
Microsoft understands that some environments may rely on legacy drivers for compatibility reasons. This is why the new kernel trust policy will initially launch in evaluation mode, which will monitor and audit your system hours and boots over a period of time.