Closed Harvester57 closed 1 year ago
Cf. https://attack.mitre.org/techniques/T1553/004/ & https://posts.specterops.io/code-signing-certificate-cloning-attacks-and-defenses-6f98657fc6ec
HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\ProtectedRoots - Flags (REG_DWORD) - 1
Added in https://github.com/Harvester57/Security-ADMX/commit/f5a2e22a0e9513f78c5d536246665e63d1a558ae (finally...)
Cf. https://attack.mitre.org/techniques/T1553/004/ & https://posts.specterops.io/code-signing-certificate-cloning-attacks-and-defenses-6f98657fc6ec
HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\ProtectedRoots - Flags (REG_DWORD) - 1