CVE-2013-3900 is a flaw known for almost 10 years that allows hackers to carry out attacks against the Windows operating system. To avoid unpleasant surprises, there is a very simple solution to protect yourself. Here’s what you need to know.
Windows is constantly enriched with features as it is rumored that the future Windows 12 will be inspired by Chrome OS. In addition to new features, Microsoft fixes bugs and other flaws. Except that a security failure is talked about, mainly because it is almost 10 years old! Several pirates use it to do a lot of damage, here’s how to protect yourself from it.
To read > Windows 11: price, features, new features, how to update, everything you need to know
A flaw that allows modification of signed files
For 10 years, a security breach called CVE-2013-3900 wreaks havoc on Windows. It allows hackers to add code to files that have a security signature that serves as authentication. Despite these changes, these files retain their signed status. If you’re wondering why Microsoft isn’t doing anything about this 10-year-old flaw, it’s because upgrading to Windows 11 remove the fix according to Bleeping Computer.
The company discovered the problem by being herself affected by a computer attack via a Trojan horse that was added following the modification of DLL files.
To read > Windows 12: release date, news, price, what to expect?
How to fix the CVE-2013-3900 flaw in Windows?
There are manual operations to protect against the CVE-2013-3900 flaw. Be careful though, better not risk it if you do not master the steps below!
These manipulations allow manipulated files to appear as unsigned. They are therefore no longer approved by Windows, attacks are thus prevented.
Windows 32 bits :
Create a notepad, for example, then copy the code below and save the file with the extension .reg.
Windows Registry Editor Version 5.00
(HKEY_LOCAL_MACHINESoftwareMicrosoftCryptographyWintrustConfig) "EnableCertPaddingCheck"="1"Then just double-click on your file .reg.
Windows 64 bits :
As before, it will be necessary to create a notepad then copy the text below by saving the file with an extension .reg.
Windows Registry Editor Version 5.00
(HKEY_LOCAL_MACHINESoftwareMicrosoftCryptographyWintrustConfig) "EnableCertPaddingCheck"="1"
(HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftCryptographyWintrustConfig) "EnableCertPaddingCheck"="1"Double-click, voila!
