Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: Publisher Approvals With EnableCertPaddingCheck Enabled

App Control: Publisher Approvals With EnableCertPaddingCheck Enabled

Environment

  • App Control Agent: All Supported Versions
  • App Control Console: All Supported Versions
  • Microsoft Windows: All Supported Versions

Question

Is there any compatibility issue with App Control when adding the registry keys for EnableCertPaddingCheck as outlined in CVE-2013-3900?

Answer

The Agent relies upon the Microsoft API (WinVerifyTrust) to validate certificates, and there are no compatibility concerns in adding the registry information to resolve the CVE.

Additional Notes

  • The Microsoft SignTool can be used to compare against Agent certificate analysis.
  • There is no functionality built into App Control to modify the registry/patch against this CVE.
  • Customers should follow Microsoft's guidance in addressing the CVE in their environment.

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎04-20-2023
Views:
437
Contributors