11
I have a 3rd party firewall that alerted me that msiexec.exe was replaced by another version. The timing didn't correspond to an OS update, so I was worried a bad actor replaced the exe. How can I verify the signature of the exe?
EDIT: I found this link at Microsoft which shows this, and it matches on byte size and file date:
I'd feel better if it had a hash too, but it looks like it's not nefarious.
As suggested in harrymc's answer, I ran sfc /scannnow
and it came out clean. Thanks!
2Suspicious indeed, as XP is not in active support. You could maybe check the history in Windows Update and run
sfc /scannow
, if they exists in XP Embedded. Reboot the device before starting. – harrymc – 2018-12-12T20:43:15.9131
sfc /scannow
is exactly what I needed! – Dale – 2018-12-12T20:48:35.8771Since you like it, I added it as an answer. – harrymc – 2018-12-12T20:51:50.653