CVE-2013-3900
Deas-h opened this issue · comments
Deas-h commented
Hello, another one that was discovered on a recent internal sec-check:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2013-3900
Is this something you would add?
Brgds Deas
Florian Stosse commented
Hi,
This particular policy is already included since release v1.0.17 (cf. #4 and ad2a697), but the strict authentication mechanism was fixed in v1.0.29, as I was wrongly using a DWORD type for the key, while I should have used a REG_SZ (cf. a247e75)
The policy is named "Enable the strict Authenticode signature verification mechanism" under "Additional system hardening settings".
Best regards !
Deas-h commented
Oh - Sorry!!!!!