Posted 27 July 2013 - 03:13 AM
If you rely on digital signatures for your Windows file system analysis (malware, forensics, ...), there something I found out recently.
On Windows machines prior to Windows 7, you will find .msi packages in folder %windir%\installer with an invalid signature.
These packages got their digital signature invalidated because of a design error in Windows Installer.
This was fixed in Windows Installer 5.0 (released with Windows 7).
SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.
Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"