Windows 8.1 Certification
Locked
Windows 8.1 Certification
 
|
Hi, When running Microsoft's Windows certification software, I run into some issues.
1) As sort of expected visual.exe is allready signed by Cincom, which is nothing but normal. However attacking the executable with ressource hacker to change the icons inside the executable (something we're used to), makes the cincom signature invalid, and to overcome you need to whitelist your hacked executable with your antivirus vendor .. For as far as I can see the solution is that cincom supplies an unsigned visual.exe for deployments or otherwise you needto compile your own executable and sign it yourself. So lets say this is not a "real" problem.
2) More annoying however it the fact that all the exe and dll's (including Cairo SQLite etc) are compiled in a way that makes windows complaining with the following warnings:
Windows App Certification Kit - Test Results Binary analyzer
The entire report is here: https://www.dropbox.com/s/6g0fneeu1ed9t21/results.xml?dl=0
Regards,
Maarten MOSTERT
28 Av Alphonse Denis 83400 Hyères, France +33 676411296
_______________________________________________ vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc |
Re: Windows 8.1 Certification
|
Hi, The first is easy: Cincom support supply a DeleteSignature.exe file that deletes any existing signature from an exe, so you can add resources with ResHacker. You can then optionally re-sign with your own signature – obviously you can’t sign with Cincom’s signature, and nor can they after you’ve changed the exe. DeleteSignature is available as VW Resolution 96328 (ObjectStudio 8.2.0 Res98511). All the best, Steve From: [hidden email] [mailto:[hidden email]] On Behalf Of [hidden email] Hi, When running Microsoft's Windows certification software, I run into some issues. 1) As sort of expected visual.exe is allready signed by Cincom, which is nothing but normal. However attacking the executable with ressource hacker to change the icons inside the executable (something we're used to), makes the cincom signature invalid, and to overcome you need to whitelist your hacked executable with your antivirus vendor .. For as far as I can see the solution is that cincom supplies an unsigned visual.exe for deployments or otherwise you needto compile your own executable and sign it yourself. So lets say this is not a "real" problem. 2) More annoying however it the fact that all the exe and dll's (including Cairo SQLite etc) are compiled in a way that makes windows complaining with the following warnings: Windows App Certification Kit - Test Results Binary analyzer · The binary analyzer test detected the following errors: o File C:\Windows\System32\sqlite3.dll has failed the NXCheck check. o File C:\Windows\System32\sqlite3.dll has failed the DBCheck check. o File C:\Windows\System32\sqlite3.dll has failed the SafeSEHCheck check. o File C:\Program Files\StakePoint\BACKUP\sqlite3.0001 has failed the NXCheck check. o File C:\Program Files\StakePoint\BACKUP\sqlite3.0001 has failed the DBCheck check. o File C:\Program Files\StakePoint\BACKUP\sqlite3.0001 has failed the SafeSEHCheck check. o File C:\Program Files\StakePoint\zlib1.dll has failed the NXCheck check. o File C:\Program Files\StakePoint\zlib1.dll has failed the DBCheck check. o File C:\Program Files\StakePoint\zlib1.dll has failed the SafeSEHCheck check. o File C:\Program Files\StakePoint\stakepoint.exe has failed the SafeSEHCheck check. o File C:\Program Files\StakePoint\sqlite3.dll has failed the NXCheck check. o File C:\Program Files\StakePoint\sqlite3.dll has failed the DBCheck check. o File C:\Program Files\StakePoint\sqlite3.dll has failed the SafeSEHCheck check. o File C:\Program Files\StakePoint\pacparser.dll has failed the NXCheck check. o File C:\Program Files\StakePoint\pacparser.dll has failed the DBCheck check. o File C:\Program Files\StakePoint\pacparser.dll has failed the SafeSEHCheck check. o File C:\Program Files\StakePoint\msvcr100.dll has failed the ExecutableImportsCheck check. o File C:\Program Files\StakePoint\libpng15-15.dll has failed the NXCheck check. o File C:\Program Files\StakePoint\libpng15-15.dll has failed the DBCheck check. o File C:\Program Files\StakePoint\libpng15-15.dll has failed the SafeSEHCheck check. o File C:\Program Files\StakePoint\libpixman-1-0.dll has failed the NXCheck check. o File C:\Program Files\StakePoint\libpixman-1-0.dll has failed the DBCheck check. o File C:\Program Files\StakePoint\libpixman-1-0.dll has failed the SafeSEHCheck check. o File C:\Program Files\StakePoint\libcairo-2.dll has failed the NXCheck check. o File C:\Program Files\StakePoint\libcairo-2.dll has failed the DBCheck check. o File C:\Program Files\StakePoint\libcairo-2.dll has failed the SafeSEHCheck check. · If the app doesn’t use the available Windows protections, it can increase the vulnerability of the customer's computer to malware. · Apply the SAFESEH, DYNAMICBASE, and NXCOMPAT options when you link the app. See link below for more information: The entire report is here: https://www.dropbox.com/s/6g0fneeu1ed9t21/results.xml?dl=0 Regards, Maarten MOSTERT
28 Av Alphonse Denis 83400 Hyères, France +33 676411296 _______________________________________________ vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc |
Re: Windows 8.1 Certification
|
|
In reply to this post by Maarten Mostert
Regarding 1) Altering an exe will *allways* break any signing. If you need to do this then:
1) remove the existing signature
2) alter the binary
3) sign with your own certificate
From: [hidden email] [mailto:[hidden email]]
On Behalf Of [hidden email] Hi, When running Microsoft's Windows certification software, I run into some issues. 1) As sort of expected visual.exe is allready signed by Cincom, which is nothing but normal. However attacking the executable with
ressource hacker to change the icons inside the executable (something we're used to), makes the cincom signature invalid, and to overcome you need to whitelist your hacked executable with your antivirus vendor .. For as far as I can see the solution is that
cincom supplies an unsigned visual.exe for deployments or otherwise you needto compile your own executable and sign it yourself. So lets say this is not a "real" problem. 2) More annoying however it the fact that all the exe and dll's (including Cairo SQLite etc) are compiled in a way that makes windows
complaining with the following warnings: Windows App Certification Kit - Test Results Binary analyzer
·
The binary analyzer test detected the following errors:
o
File C:\Windows\System32\sqlite3.dll has failed the NXCheck check.
o
File C:\Windows\System32\sqlite3.dll has failed the DBCheck check.
o
File C:\Windows\System32\sqlite3.dll has failed the SafeSEHCheck check.
o
File C:\Program Files\StakePoint\BACKUP\sqlite3.0001 has failed the NXCheck check.
o
File C:\Program Files\StakePoint\BACKUP\sqlite3.0001 has failed the DBCheck check.
o
File C:\Program Files\StakePoint\BACKUP\sqlite3.0001 has failed the SafeSEHCheck check.
o
File C:\Program Files\StakePoint\zlib1.dll has failed the NXCheck check.
o
File C:\Program Files\StakePoint\zlib1.dll has failed the DBCheck check.
o
File C:\Program Files\StakePoint\zlib1.dll has failed the SafeSEHCheck check.
o
File C:\Program Files\StakePoint\stakepoint.exe has failed the SafeSEHCheck check.
o
File C:\Program Files\StakePoint\sqlite3.dll has failed the NXCheck check.
o
File C:\Program Files\StakePoint\sqlite3.dll has failed the DBCheck check.
o
File C:\Program Files\StakePoint\sqlite3.dll has failed the SafeSEHCheck check.
o
File C:\Program Files\StakePoint\pacparser.dll has failed the NXCheck check.
o
File C:\Program Files\StakePoint\pacparser.dll has failed the DBCheck check.
o
File C:\Program Files\StakePoint\pacparser.dll has failed the SafeSEHCheck check.
o
File C:\Program Files\StakePoint\msvcr100.dll has failed the ExecutableImportsCheck check.
o
File C:\Program Files\StakePoint\libpng15-15.dll has failed the NXCheck check.
o
File C:\Program Files\StakePoint\libpng15-15.dll has failed the DBCheck check.
o
File C:\Program Files\StakePoint\libpng15-15.dll has failed the SafeSEHCheck check.
o
File C:\Program Files\StakePoint\libpixman-1-0.dll has failed the NXCheck check.
o
File C:\Program Files\StakePoint\libpixman-1-0.dll has failed the DBCheck check.
o
File C:\Program Files\StakePoint\libpixman-1-0.dll has failed the SafeSEHCheck check.
o
File C:\Program Files\StakePoint\libcairo-2.dll has failed the NXCheck check.
o
File C:\Program Files\StakePoint\libcairo-2.dll has failed the DBCheck check.
o
File C:\Program Files\StakePoint\libcairo-2.dll has failed the SafeSEHCheck check.
·
If the app doesn’t use the available Windows protections, it can increase the vulnerability of the customer's computer to malware.
·
Apply the SAFESEH, DYNAMICBASE, and NXCOMPAT options when you link the app. See link below for more information: The entire report is here: https://www.dropbox.com/s/6g0fneeu1ed9t21/results.xml?dl=0 Regards, Maarten MOSTERT
28 Av Alphonse Denis 83400 Hyères, France +33 676411296 _______________________________________________ vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc |
| Free forum by Nabble | Edit this page |