Bitdefender And Digital Signature Authentication
1) Does Bitdefender verify the "Private Key" for signing the files or simply check the Certification Authority (CA)?
2) How does Bitdefender protect in the situation when the document is saved - a point at which a new digital signature would have to be created?
3) What if the files is fakely digitally signed, but is still malicious? Does Bitdefender don't detect the malicious behavior of fakely signed files?
Comments
-
Any reply?
0 -
Any reply?
You know you have to be patient to get reply here.
I m waiting too.0 -
Hello
Bitdefender keeps a direct connection with our cloud servers and all digital signatures are verified.
Also, usually when a digital certificate is revoked, Microsoft releases a hotfix that is immediately pushed via Windows Update, so is recommended to always have Windows Update turned on and set to Automatic.
Under these parameters, the situations from 2. and 3. are practically avoided via security settings from the operating system. Also, since we are talking about digital signatures and malware, I believe that most situations involve .sys files via a rootkit infection that are signed with fake are revoked digital certificates.
Please read the articles from hotforsecurity.com about Stuxnet.
Thank you!0 -
Hello
Bitdefender keeps a direct connection with our cloud servers and all digital signatures are verified.
Also, usually when a digital certificate is revoked, Microsoft releases a hotfix that is immediately pushed via Windows Update, so is recommended to always have Windows Update turned on and set to Automatic.
Under these parameters, the situations from 2. and 3. are practically avoided via security settings from the operating system. Also, since we are talking about digital signatures and malware, I believe that most situations involve .sys files via a rootkit infection that are signed with fake are revoked digital certificates.
Please read the articles from hotforsecurity.com about Stuxnet.
Thank you!
Sorry I can't understand fully. First kindly re-phrase your reply for non-cloud systems, means e.g I disable my internet connection, then what will happen?
Also you did not clear the first question. The 2nd one is related to Document Protection, a separate option provided by some vendors in their security suites. And for the third one I means that a fakely signed malicious file was missed by Bitdefender by digital signature authentication, then how will it can detected by other techniques integrated in Bitdefender signature, heuristics, behavioral blocking etc. I don't think so , my questions are related to the security settings of the OS as I am not talking about OS systems files etc, and what you replied is related to the Vulnerability Scan feature in the Antivirus.0