* Posts by sl149q

1 publicly visible post • joined 29 Jun 2021

Microsoft approved a Windows driver booby-trapped with rootkit malware


Driver signing by Microsoft is just a way to know who is responsbile

Microsoft does not do much in the way of checking drivers before signing.

The primary requirement is that you have an EV Code Signing certificate so that they (Microsoft) have some confidence that they can track down anyone submitting a problematic driver.

One of the requirements for the EV cert is that it is stored on a security key. So if you plan to say someone stole your EV cert you need to say how they got the dongle and how they got the password for it.