
Microsoft's Media Creation Tool for creating Windows 10 installation media has a SHA1 digital signature and a SHA256 digital signature (shown via file properties). However, the certificate for the SHA256 signature shows the "valid to" field as Saturday, February 17, 2018. The SHA1 certificate is valid till August 11, though. Windows still shows the signature to be OK and does not complain about running the tool. Is it really safe to run the tool with an expired SHA256 certificate?

user172148

2 Answers


What a signature means: The signature means that the program hasn't been tampered with after being signed (e.g. inserting malware into it would break the signature). Signatures don't prove whether a program is safe, just that it hasn't been modified since it was signed.

Although the SHA256 signature has expired, this doesn't necessarily mean that the signature can no longer be trusted, so long as Microsoft has kept that private key safe. The file hasn't been modified to break the SHA256 signature, it's just time for them to switch keys, so Microsoft doesn't have to hang onto and protect old keys forever. It also means that if the key is compromised and it can't be revoked, it will eventually expire on its own.

Unless Microsoft's private key was compromised between February 17 and now, the expiration date doesn't matter. If the key was compromised and used to sign something evil before February 17, the expiration date wouldn't save you.

TL;DR: It's almost certainly from Microsoft, but they should sign it again.

Jcoscia
  • In this particular case, since I downloaded from the official Microsoft site over https, I believe I can be certain of its authenticity. However, in the general case, what I understand from your answer is to be careful if the signatures have expired. – user172148 Mar 05 '18 at 18:57
  • Also, the timestamp signature validates that the signing took place in September 2017 (during which time the code signing certificate was valid). This is an essential part of code signing (otherwise, apps would 'break' once the code signing certificate expires). – Scovetta Mar 06 '18 at 04:33

Microsoft executable signing (Authenticode) can use a timestamped countersignature from a trusted third party to prove that the certificate used for signing was valid at the time of signing. This is to solve the problem that it is unsafe to issue a certificate with a long validity.

So as long as the countersignature is valid (and the original signing certificate was not known to be compromised at the time of signing), the signature can be trusted. This is the status the signature properties window will report at the top:

[screenshot: the signature properties window reporting the signature status]

billc.cn
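As an added example (not from either answer above), the following PowerShell inspects a file's Authenticode signature and relates the reported status to the signer certificate's validity window and the presence of a timestamp countersignature, which is the distinction both answers turn on. The file path is a placeholder; `Test-SignerValidity` is a name chosen here, not a built-in cmdlet.

```powershell
# Added example: relate Authenticode status to signer-certificate expiry and
# the presence of a timestamp countersignature. The path is a placeholder.
function Test-SignerValidity {
    param([Parameter(Mandatory)][string]$Path)

    $sig  = Get-AuthenticodeSignature -FilePath $Path
    $cert = $sig.SignerCertificate
    $tsa  = $sig.TimeStamperCertificate
    $now  = Get-Date

    $result = [ordered]@{
        Path            = $Path
        Status          = $sig.Status          # Valid / NotSigned / HashMismatch / ...
        StatusMessage   = $sig.StatusMessage
        Signer          = if ($cert) { $cert.Subject }  else { $null }
        SignerNotBefore = if ($cert) { $cert.NotBefore } else { $null }
        SignerNotAfter  = if ($cert) { $cert.NotAfter }  else { $null }
        SignerExpired   = if ($cert) { $cert.NotAfter -lt $now } else { $null }
        Timestamped     = $null -ne $tsa
        Timestamper     = if ($tsa)  { $tsa.Subject } else { $null }
    }

    # The situation in the question: the signer certificate has expired, yet the
    # signature still verifies because a trusted timestamp proves the signing
    # happened while the certificate was valid.
    $result.ValidViaTimestamp = ($sig.Status -eq 'Valid') -and
                                $result.SignerExpired -and $result.Timestamped

    # The situation to treat with suspicion: expired signer and no
    # countersignature at all, so nothing proves when the signing happened.
    $result.ExpiredUntimestamped = $result.SignerExpired -and -not $result.Timestamped

    [pscustomobject]$result
}

# Get-AuthenticodeSignature reports only the primary signature. To verify both
# the SHA1 and SHA256 signatures on a dual-signed binary, use signtool from the
# Windows SDK: /all checks every signature, /v prints each signer and its
# timestamp.
#   signtool verify /pa /all /v 'C:\path\to\MediaCreationTool.exe'

Test-SignerValidity -Path 'C:\path\to\MediaCreationTool.exe' | Format-List
```

A result of `Status = Valid`, `SignerExpired = True` and `Timestamped = True` is the benign case described in both answers; `ExpiredUntimestamped = True` is the case where the expiry genuinely matters.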