Submission + - Microsoft gets company's code-signing cert revoked
Beryllium Sphere(tm) writes: Australian firm Linchpin Labs released a free tool called Atsiv on July 20 to allow 64-bit Vista users to install unsigned drivers.
It was a simple hack: a signed driver that could install other drivers without checking their signatures.
By August 2, Microsoft had persuaded Verisign to revoke Linchpin's code signing certificate. The revocation takes effect the next time a computer is rebooted.
Scott Field of Microsoft said "Microsoft is committed to protecting its customers from potential as well as actual security threads[sic]".
History buffs may remember a similar incident from 1997 in which the author of an ActiveX control to shut down a computer found his certificate revoked.
Lockergnome coverage of the Linchpin Labs story.
Microsoft announcement of revoking Linchpin's certificate and adding them to the blacklist in Windows Defender as "potentially unwanted software".
It was a simple hack: a signed driver that could install other drivers without checking their signatures.
By August 2, Microsoft had persuaded Verisign to revoke Linchpin's code signing certificate. The revocation takes effect the next time a computer is rebooted.
Scott Field of Microsoft said "Microsoft is committed to protecting its customers from potential as well as actual security threads[sic]".
History buffs may remember a similar incident from 1997 in which the author of an ActiveX control to shut down a computer found his certificate revoked.
Lockergnome coverage of the Linchpin Labs story.
Microsoft announcement of revoking Linchpin's certificate and adding them to the blacklist in Windows Defender as "potentially unwanted software".