![]() Why did Microsoft release the patch this way, and did not integrate it directly into Windows? The extensive FAQ on the support page provides an answer. Delete the listed Registry values to undo the change at any time.Įnabling the changes will make non-confirming binaries "appear unsigned" and be rendered untrusted as a consequence. We have uploaded a Zip archive with Registry files for 32-bit and 64-bit versions of Windows: windows-registry-fixĪll you need to do is double-click on the file to add the information to the Registry (a verification prompt is displayed, which you need to allow).Ī restart of the system is required. Note: you need to paste the code into a plain text file and rename its file extension, so that it is. Windows 64-bit versions may be protected with the following Registry code: Microsoft published an opt-in fix to address the issue in 2013, and it has been valid ever since. How to protect Windows devices against the attacks What makes the attack special is that the attackers are exploiting CVE-2013-3900, WinVerifyTrust Signature Validation Vulnerability, which Microsoft confirmed in 2013 for the first time and has updated in early 2022 with additional information. Two DLL files used by the desktop application were modified by the threat actors to include malware, more precisely, an information-stealing trojan. ![]() The attackers managed to include malware into the company's desktop application for Windows. ![]() If that was not enough, it appears that upgrades to Windows 11 may drop the fix, if applied in the Windows Registry.īleeping Computer reported this week that the VOIP communications company 3CX was compromised. What makes this exploit even more problematic is the fact that a fix is available, but that it is opt-in. Most security solutions check for signatures when they check files on Windows machines. ![]() Digital signatures are used on Windows to determine the authenticity of files. ![]()
0 Comments
Leave a Reply. |