Absent Authenticode timestamp counter-signature signing time
ID PE181 Level CRITICAL Category Security
Description
Authenticode timestamp counter-signature lacks the signing time attribute. A valid timestamp counter-signature must have the correct signing time attribute.
Mitigation
- When signing an image with
signtool, make sure to pass the/tor/tdoption and the valid timestamp server URL. See thesigntooldescription page for more details.
Arguments
This rule has the following output arguments:
-
signature_info- Readable affected signature name (e.g. "root signature", "timestamp root signature", "nested signature (index 1)")
Loading...
Unable to load this documentation page.