V-31307 | Medium | Software publishing state table must be configured to only trust items in the users trust database. | Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to provide a mechanism to identify software... |
V-30926 | Medium | The .NET CLR must be configured to use FIPS approved encryption modules. | FIPS encryption is configured via .NET configuration files. There are numerous configuration files that affect different aspects of .Net behavior. The .NET config files are described below.
... |
V-31212 | Medium | Windows must be configured to invalidate PKCS #7 version 1 signed objects | Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to provide a mechanism to identify software... |
V-7062 | Medium | Windows must check for expired application certificates | Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to provide a mechanism to identify software... |
V-31026 | Medium | Event tracing for Windows (ETW) for Common Language Runtime events must be enabled. | Event tracing captures information about applications utilizing the .NET CLR and the .NET CLR itself. This includes security oriented information, such as Strong Name and Authenticode... |
V-7061 | Medium | Windows systems must be configured to prevent application use of Test Root certificates. | Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to provide a mechanism to identify software... |
V-7066 | Medium | Windows must be configured to check the time stamp servers certificate for revocation. | Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to provide a mechanism to identify software... |
V-7064 | Medium | Windows must be configured to check for revoked application certificates. | Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to provide a mechanism to identify software... |
V-7065 | Medium | Windows must be configured to block application execution if certificate server status is unavailable. | Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to provide a mechanism to identify software... |
V-7055 | Medium | Digital signatures assigned to strongly named assemblies must be verified. | A strong name consists of the assembly's identity, simple text name, version number, and culture information (if provided)—plus a public key and a digital signature. Strong names serve to... |