Is there a secure way to verify a signed exe?

Tag: code-signing , signing , authenticode Author: pengphw Date: 2014-04-01

I wonder if there's a possibility to verify a signed exe? Is there some way to let the OS not execute a modified exe?

If I would check the signature in the signed exe myself (programmatically using CrpytoAPI or whatever) how could I make sure that the checking code wasn't modified?

Does signing give you any security with regard to code manipulation?

Thanks and cheers, CrazyTea

I have not came across any tainted file that has passed certificate signing. Nor does anyone hack signed stuff for lets say windows 8 from winxp. They have to rewrite and recompile and sign. Edit: well I've seen attempts, but they always fail. Like Smart Card drivers for win8 from xp. Best to just emulate xp. Haha