Microsoft Defender is flagging the Ziti Desktop Edge installer as unrecognized

[tburtchell]

Tried installing ziti desktop edge from https://github.com/openziti/desktop-edge-win/releases/tag/1.9.10. Running the executable triggers the 'Windows protected your PC' screen.

To install the app:

1. Click "More info"
2. Click "Run anyway"

[dovholuknf]

thanks. we changed the way the installer was signed in May 2021. Now the installer is signed by a legitimate, third party but we also sign it using a self-signed certificate which won't be on your local system. Seems like defender is picking up on the fact that this installer has one cert that is not verifiable and flagging it... We did not expect that behavior.

You can verify / feel good about the install by checking the hash of the file locally. That's easy to do by running

powershell "(Get-FileHash 'Ziti Desktop Edge Client-1.9.10.exe').Hash"
93D218822380C3E8CD639BFD1B27854BC380EE32ED13F2051A71CF7905EEC503

that should match the sha256 uploaded for that release: https://github.com/openziti/desktop-edge-win/releases/download/1.9.10/Ziti.Desktop.Edge.Client-1.9.10.exe.sha256

Alternatively look at the executable manually by right clicking on it and going to properties -> Digitial Signatures and inspecting the signatures yourself:

We'll look at this when we can.

[dovholuknf]

We have submitted the exe/installer to MS and they seem to have white listed/fixed whatever they needed to. Can you please uninstall and try again ?

[dovholuknf]

Sadly, this was solved by submitting a case to MS via under our enterprise account. While that's great - I don't know what we would have done if we didnt' have an enterprise account