CVE-2013-3900 - Githubissues

Harvester57 / Security-ADMX

Custom ADMX template focused on hardening Windows 10 & Windows 11 systems

74 stars 8 forks source link

CVE-2013-3900 #18

Closed Deas-h closed 1 year ago

Deas-h commented 1 year ago

Hello, another one that was discovered on a recent internal sec-check:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2013-3900

Is this something you would add?

Brgds Deas

Harvester57 commented 1 year ago

Hi,

This particular policy is already included since release v1.0.17 (cf. https://github.com/Harvester57/Security-ADMX/issues/4 and https://github.com/Harvester57/Security-ADMX/commit/ad2a697c35b27b5594830c0171bba286af137611), but the strict authentication mechanism was fixed in v1.0.29, as I was wrongly using a DWORD type for the key, while I should have used a REG_SZ (cf. https://github.com/Harvester57/Security-ADMX/commit/a247e75cc19038a9f88a587fe0249c594ed23cec)

The policy is named "Enable the strict Authenticode signature verification mechanism" under "Additional system hardening settings".

Best regards !

Deas-h commented 1 year ago

Oh - Sorry!!!!!