SebCT

icon location System & Security Engineer 💻 | loves Deep / Tech / House music #InfoSec #BlueHat #System #Engineering

Results 6 comments of SebCT

v2024.2.0: PowerShell Terminal Fails to Load Due to PSES change to non-Windows-trusted Certificate

Since 2024.2.0 some components (DLLs and PS1/PSM1/PSD1) of the module are signed with a untrusted certificate/CA called "ameroot" - here is the output with sigcheck from Sysinternals, also affects AppLocker...

v2024.2.0: PowerShell Terminal Fails to Load Due to PSES change to non-Windows-trusted Certificate

> No certificates are trusted on your machine by default. They are signed with updated certificates, you will need to trust those when running AllSigned. That's not true - there...

v2024.2.0: PowerShell Terminal Fails to Load Due to PSES change to non-Windows-trusted Certificate

> This issue has been labeled as resolved, please verify the provided fix (or other reason). Not resolved yet

v2024.2.0: PowerShell Terminal Fails to Load Due to PSES change to non-Windows-trusted Certificate

Thanks, working nearly perfect except one DLL: AppLocker is still having a problem with the certificate(s) and counter signing of this file here: .vscode\extensions\ms-vscode.powershell-2024.2.1\modules\powershelleditorservices\bin\common\System.Reactive.dll The DLL "System.Reactive.dll" is counter signed...

v2024.2.0: PowerShell Terminal Fails to Load Due to PSES change to non-Windows-trusted Certificate

I see, but could the security engineers at Microsoft take a look because of AppLocker Application Allowlisting? Because with this new counter signed DLL a publisher rule doesn't work anymore,...

v2024.2.0: PowerShell Terminal Fails to Load Due to PSES change to non-Windows-trusted Certificate

> Also, doing a sigcheck looks like the DLL itself hasn't changed in PSES from 2024.2.0 from 2024.3.2, so was this just a new detection that was a previous mis-signing?...