More importantly, the code signing is a security measure. You can in theory vet the signature database by hand preventing the execution of unapproved drivers.

Microsoft normally puts it in revocation mode only, with bad drivers with unfixed holes being blocked.