Microsoft Updating Static Analysis Requirement for Windows 11 25H2 Driver Certification

As part of our ongoing commitment to improving the quality and reliability of Windows drivers, Microsoft has updated the static analysis requirements for driver certification in the upcoming Windows release.

Static analysis is a foundational requirement of Windows Hardware Compatibility Program. The validation is performed using the Static Tools Logo Test, which leverages CodeQL to identify potential issues in driver code before deployment.

Microsoft periodically reviews and improves the windows driver static analysis requirement. These updates help us stay ahead of the ever-evolving threat landscape while maintaining strong security and reliability standards

This article outlines how to obtain the latest CodeQL query pack and validate your drivers against the updated Microsoft static analysis requirement.

Prerequisites​

Before running the updated static analysis tests, ensure the following components are in place:

1. CodeQL CLI v 2.22.1 or greater
2. Microsoft Windows Drivers CodeQL Query Pack version 1.6.0 or greater
3. Driver source code

Getting Started​

To analyze your driver using the updated static analysis checks:

1. Install the CodeQL CLI and Microsoft Windows Driver CodeQL Query Pack according to this installation guide
2. Build your CodeQL database
3. Analyze your CodeQL database using updated query suites
4. Review and address any issues flagged by the analysis to ensure compliance with WHCP certification requirements.

Early adoption will ensure a smoother Windows driver certification process and improve the overall quality and security of the Windows hardware ecosystem.

For questions or support, please contact your Microsoft representative or create a GitHub repo issue.