VULHUB ™

It has been reported that files signed using code-signing certificates issued by any trusted root CAs will be trusted by WFP. This includes operating system files and device drivers. Consequently, any attacker in possession of a code signing certificate rooted at any trusted CA may create malicious code signed with the certificate that will be trusted.

It has been reported that files signed using code-signing certificates issued by any trusted root CAs will be trusted by WFP. This includes operating system files and device drivers. Consequently, any attacker in possession of a code signing certificate rooted at any trusted CA may create malicious code signed with the certificate that will be trusted.