是“代码签名的” windows应用程序不易受病毒感染？ [英] Are "code-signed" windows applications less vulnerable to virus infections?

问题描述

如果您使用代码签名证书签署Windows（本机，而不是.NET）应用程序，这是否以某种方式阻止它随后感染病毒？

If you sign a windows (native, not .NET) application with a code signing certificate, does this somehow prevent it being subsequently infected with a virus?

显然，如果您签署已受感染的文件，您有问题...

Obviously if you sign an already infected file, you've got a problem...

推荐答案

如果应用程序已签名，则无法更改签名，而不会使签名无效。

If the application is signed, it can't be altered without invalidating the signature. So if nothing else, it's easier to identify that the application has been tampered with.

如果它是一个带有签名VBA模块的Office文档，模板或加载项，那么如果没有其他的，那么更容易识别应用程序已被篡改。 （取决于用户的宏安全设置），Office将弹出一个对话框，在执行宏之前提醒用户 - 或拒绝点空白以执行它们。 （它会检测到宏没有有效的签名，而不是文件被篡改）。我不认为标准应用程序（EXE）工作像这样。

If it were an Office document, template or add-in with signed VBA modules, then (depending on the user's macro security settings), Office would pop up a dialog alerting the user before executing the macros - or refuse point blank to execute them. (It would detect that the macros did not have a valid signature, not that the file had been tampered with). I don't think that standard applications (EXEs) work like this, though.

这篇关于是“代码签名的” windows应用程序不易受病毒感染？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！