Malicious Process Detection: Authenticode Signed Bad Date

info Nessus Plugin ID 104854

Synopsis

Nessus found trusted signed processes for which today's date falls outside of the Not Before and Not After certificate dates on the remote host.

Description

Running processes that are signed and trusted but today's date falls outside of the Not Before and Not After certificate dates. These processes still validate as trusted.

Solution

Obtain an updated version from the vendor that has been signed with a newer certificate.

See Also

http://www.nessus.org/u?6a0123a1

http://www.nessus.org/u?c7777bf7

Plugin Details

Severity: Info

ID: 104854

File Name: wmi_malware_authenticode_bad_date.nbin

Version: 1.149

Type: local

Agent: windows

Family: Windows

Published: 11/29/2017

Updated: 3/26/2024

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: malscan/enabled