Microsoft Authenticode is a signing technology used to apply digital signatures to software. It is used to provide author information and prevent modification of executables, including drivers.
Questions tagged [authenticode]
4 questions
20
votes
3 answers
Transferring Microsoft SmartScreen reputation to renewed certificate
I know that even a software signed with a new code signing certificate triggers Microsoft Defender SmartScreen warning:
Windows Defender SmartScreen prevented an unrecognized app from starting
The warning goes away only after the certificate…
Martin Prikryl
- 493
- 5
- 21
2
votes
0 answers
Can I sign with two Code Signing certs to build reputation on the newer one?
I recently acquired a Microsoft Authenticode Code-signing certificate as a new certificate using an identical name to another one which will expire soon.
Obviously, the new certificate has no reputation attached to it, and will take some time and…
Daniel
- 21
- 4
1
vote
3 answers
Are all fields of the PE certificate directory hashed during authenticode signing?
In a Windows portable executable (PE) file the certificate directory points to an offset to a WIN_CERTIFICATE structure. My understanding is that while the field is named bCertificate, it actually contains an array of certificates in ASN.1 format in…
Polynomial
- 132,208
- 43
- 298
- 379
0
votes
0 answers
Switching CSC certificate issuer and SmartScreen
We have most of our SSL certificates hosted at GoDaddy but have Standard Code signing certificate from GlobalSign, we would like to switch to GoDaddy CSC since our CSC from GlobalSign is expiring in 3 months.
How would this affect MS SmartScreen,…
formatc
- 101
- 1