In the past, I wasn't that worried about files only signed with SHA2, other than the fact I couldn't be 100% sure the file hadn't been tampered with. While I could see SHA1 sigs for files mpas-fe.exe, MpSigStub.exe, mpasbase.vdm, mpasdlta.vdm, I couldn't for the engine DLL file, mpengine.dll, so I assumed it was only SHA2 signed. The 1.30 5.x.x series introduced a new engine version, v 0.1Ģ. Later that day (in my timezone), new version 1.305.17.0 was released (might've been another 1.305.x.x version I missed prior to that ) while file mpas-fe.exe was still at the time dual-signed ( but I could only see the SHA1 sig then), to my great dismay I discovered that running the file would not update my WD defs to cut a long story short, and after at least an hour of troubleshooting (which included dependency walker, as I was misled by what M$ did to the XP users of MSE/WD), I realised thatġ. Mpas-fe.exe v 1.303.1946.0 released on Fri Oct 18th was the last one to be itself and all of its constituents dual signed - engine version in that file was 0.2 (as said, dual signed) this was the last version of mpas-fe.exe (and, of course, mpam-fe.exe for MSE) installable on a Vista SP2 OS without SHA2 code-signing support present! I sure am I was planning to post a detailed new article in the Vista forum (when my spare time permitted), but since you couldn't wait, I didn't want to come off as giving you the cold shoulder.įTR, the setup file itself ( mpas-fe.exe) used to be (until and including Sun Oct 20th) dual signed (both SHA1 & SHA2 digest algorithms) that file is comprised by four other files: Are you able to install the latest definitions for Defender with KB4474419 v4 installed?
0 Comments
Leave a Reply. |