I've seen mentions online that drivers that were signed by certificates that were later revoked are still trusted by Windows' driver integrity. Apparently if the file was signed before the revocation date it's still trusted.
Does this apply at the user-mode level as well when using WinVerifyTrust?
