问题描述
我找到了一个pe文件,当我检查数字证书时,我发现winxp可以识别数字证书,但是win10不能,病毒总数也表明该文件未签名
这是假的数字证书吗? 如何做到这一点?
winxp信息:
enter image description here win10信息
解决方法
Windows XP在签名中使用SHA1哈希,但10上不支持该哈希:
下表显示了哪些操作系统支持SHA-1和SHA-256代码签名:
+---------------------+-------------------------------+------------------------------+
| Windows OS | SHA-1 | SHA-256 |
+---------------------+-------------------------------+------------------------------+
| XP SP3,Server 2003 | Yes | No (need KB968730,KB938397) |
| Vista,Server 2008 | Yes | No (need KB2763674) |
| 7,Server 2008 R2 | No (if signed after 1/1/2016) | Yes (with latest updates) |
| 8.1,Server 2012 R2 | No (if signed after 1/1/2016) | Yes |
| 10,Server 2016 | No (if signed after 1/1/2016) | Yes |
+---------------------+-------------------------------+------------------------------+