Executable is not signed
ID PE017 Level ERROR Category Security
Description
The executable is not signed. This enables the attacker to do modifications to the disk image of the executable without being detected.
Mitigation
Sign the executable with the Authenticode digital signature. Certificate acquisition and signature process varies depending on the executable type (i.e. Windows drivers, .NET applications, Native applications have somewhat different processes). Some code signing information could be found in the official Microsoft resources:
- Introduction to Code Signing
- Using SignTool to Sign a File
- Driver Signing
- Sign an assembly with a strong name
Arguments
This rule has no output arguments.
Loading...
Unable to load this documentation page.