Changes in Windows Authenticode Signature Verification – Version: 1.3

Revision Note: V1.3 (May 21, 2014): Revised advisory to reflect new August 12, 2014 cut-off date for when non-compliant binaries will no longer be recognized as signed. Now, instead of a June 10, 2014 cut-off date, the dormant changes implemented with MS13-098 will be enabled August 12, 2014.
Summary: Microsoft is announcing the availability of an update for all supported releases of Microsoft Windows to change how signatures are verified for binaries signed with the Windows Authenticode signature format. The change is included with Security Bulletin MS13-098, but will not be enabled until August 12, 2014. Once enabled, the new default behavior for Windows Authenticode signature verification will no longer allow extraneous information in the WIN_CERTIFICATE structure. Note that after August 12, 2014, Windows will no longer recognize non-compliant binaries as signed.

Leave a Reply