![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 11%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED3%3C/text%3E%3C/svg%3E)
115 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello,
CVE-2013-3900 is a vulnerability related to the way the WinVerifyTrust function handles Windows Authenticode signature verification for portable executable (PE) files. This vulnerability allows an attacker to modify an existing signed executable file to add malicious code without invalidating the signature.
Regarding your concerns:
Unsigned EXE Files: The vulnerability primarily affects signed PE files. Unsigned EXE files are not directly impacted by this vulnerability since they do not undergo the same signature verification process.
Check Frequency: The verification check happens every time the EXE file is run, not just during installation or initial execution. This means that any modifications to the file will be detected whenever the file is executed, provided the stricter verification behavior is enabled.
To mitigate this vulnerability, you can enable the stricter verification behavior by setting the EnableCertPaddingCheck registry key. This will ensure that non-conforming binaries appear unsigned and are rendered untrusted.
Best Regards,
Hania Lian
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.