WinVerifyTrust Signature Validation Vulnerability

Question

WinVerifyTrust Signature Validation Vulnerability

asked Nov 13, 2022 in Windows Server by Mohammed Al-Muqrin

I got this WinVerifyTrust Signature Validation Vulnerability from a vulnerability scanner in SharePoint servers and other servers and its height Severity, which means it must solve.

Below are details of this vulnerability:

Plugin Name:

WinVerifyTrust Signature Validation CVE-2013-3900 Mitigation (EnableCertPaddingCheck)

Plugin Output:

Nessus detected the following potentially insecure registry key configuration:

Software\Microsoft\Cryptography\Wintrust\Config\EnableCertPaddingCheck
Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config\EnableCertPaddingCheck

From the Plugin Output, it sounds like we need to add this key to the registry, but I can't find the path of this key in the registry.

1 Answer

answered Nov 13, 2022 by Mohammed Al-Muqrin
selected Nov 13, 2022 by Mohammed Al-Muqrin

Best answer

WinVerifyTrust Signature Validation

To close this vulnerability simply add a key to the registry EnableCertPaddingCheck and set it to 1 for the path you get from the Plugin Output.
The below Steps is the Solution for WinVerifyTrust Signature Validation Vulnerability:

1) Paste the below text to notepad or any text editor then save the file to .reg extension such as "WinVerifyTrust.reg"
For 32-bit:

Windows Registry Editor Version 5.00  
[HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config]   
"EnableCertPaddingCheck"="1"

For 64-bit:

Windows Registry Editor Version 5.00  
[HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config]   
"EnableCertPaddingCheck"="1"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config] 
"EnableCertPaddingCheck"="1"

2) Run the file you created by double-clicking.

3) Check the two paths in the registry as shown in the image.
$HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config$