CVE-2012-0151: Microsoft Windows Authenticode Signature Verification

Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability. The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.

• CISA KEV-listed (remediation due 2022-06-22)
• EPSS 89.0% (99.5% percentile)

Browse the CVE database

Read the full analysis on IntelFusions