Starting with UC Ai 1.5, UC Ai 1.5.1 and now with UC 1.8, we're seeing the following issues occur:
- Excessive driver install prompts on Windows 7
- Software won't install at all
We believe the main reason these issues may be seen are for a combination of the following reasons:
- SecureBoot is enabled in the BIOS (which can only be disabled by the computer vendor or Microsoft)
- If someone does a fresh install of Windows (not an upgrade)
- The driver only contains a valid SHA-2 security certificate
It just so happens that Windows 7 that has not been updated will have a problem with loading and recognizing SHA-2 security certificates. If you've recently installed your OS and didn't run any automatic updates or selectively ran a few, chances are your OS may not be able to install software signed with an SHA-2 series security certificate.
NOTE: The operating system must first be enabled to load SHA-2 security certificates.
In order to be able to install an SHA-2 security enabled installer such as UC Ai 1.5.1 or UC 1.8, you must install the security update from Microsoft called KB3033929. It is an accepted practice amongst the PC DAW community to turn off automatic updates and run the system with a stock install of the OS, if your system never got KB3033929 as part of automatic updates, then our software may not have installed correctly because of this.
The download for KB3033929 is available from the Microsoft site here.
Known issues with this KB3033929 security update (take from the Microsoft page here)
Microsoft has pointed out that some users cannot install this security update if their computers meet the following conditions:
- Have a multiple-boot configuration of Windows and various distributions of Linux
- Use a non-Windows boot loader
- Have Windows and Linux installed on separate drives
(Microsoft) has been able to verify that systems that have the Windows boot loader enabled as the primary loader are successfully able to install this update and that systems that have a non-Windows boot loader specified as the primary boot loader cannot install the update, even if the user uses that loader to select Windows.
Microsoft states to work around that issue, you can either use Windows as the default boot loader or you can change your BIOS settings to enable the Windows boot loader directly when you install this update.
Once you have updated to KB3033929, you may still yet run into another issue where you will see multiple warnings that look like this when installing Universal Control AI 1.5, 1.5.1, UC 1.8 or future versions.
The problem is that even if you check the box "Always trust software...", the box will reappear as many as 7 or more of these prompts on Windows 7 SP1 64-Bit and 4 or more with Windows 7 SP1 32-Bit.
Microsoft has acknowledged this is a bug in Windows 7, however has decided not to provide an an automatic update for Windows 7 SP1 that will address it.
There is a solution, however it is not just a simple download, you must go to their site and request it. They will email it to you. Then upon installation, Windows 7 will acknowledge the check box and then it will correctly recognize and install SHA-2 certificate enabled device driver packages.
The full details are available here: https://support.microsoft.com/en-us/kb/2921916
You might be asking, but why did the previous driver work without issue?
Windows 7 and later platforms will stop accepting SHA-1 Code Signed software without time stamps on January 1 st , 2016. Software that includes a time stamp before January 1 st , 2016 will be accepted until January 14 th , 2020, when Windows 7 extended support ends. For more information on this topic read the Global Sign article here.
AudioBox 1.3 and previous releases of UC Ai prior to 1.5 were issued before Jan 1, 2016.
UC Ai 1.5, UC Ai 1.5.1 and UC 1.8 were all issued after Jan 1, 2016.