KB2915720: Changes in Windows Authenticode Signature Verification

Info Nessus Plugin ID 71322


The remote Windows host has not enabled a recommended Windows Authenticode configuration change.


The remote Windows host has not enabled the Windows Authenticode signature verification certificate padding check. Without this check, extraneous information can be included in the WIN_CERTIFICATE structure of a signed binary and the binary is still considered signed.

Note that Microsoft announced on July 29, 2014, that it no longer plans to enforce the stricter signature verification behavior by default. Default enforcement would have caused previously signed binaries to be considered unsigned if they contained extraneous information in the WIN_CERTIFICATE structure of the signed executable. The stricter verification does, though, remain available as an opt-in feature.

Note also that this plugin will report if the Windows Authenticode signature verification has been enabled provided that the 'Report paranoia' Global variable setting preference is set to 'Paranoid (more false alarms)'.


Apply the suggested actions referenced in Microsoft Security Advisory (2915720). These actions may cause previously signed binaries to be considered unsigned. Refer to the advisory for more information.


Plugin Details

Severity: Info

ID: 71322

File Name: smb_kb2915720.nasl

Version: $Revision: 1.5 $

Type: local

Agent: windows

Family: Windows

Published: 2013/12/11

Modified: 2014/07/30

Dependencies: 13855

Risk Information

Risk Factor: Info

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/Registry/Enumerated, SMB/WindowsVersion, Settings/ParanoidReport

Patch Publication Date: 2013/12/10