User32.dll's PE Certificate is expired, how to update it? RRS feed

  • Question

  • hi:

          I use signtool to verify the system library user32.dll, some information is listed as followed:

                signtool verify /pa /a /v user32.dll

                Verifying: user32.dll
                File is signed in catalog: D:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-
                Signing Certificate Chain:
                Issued to: Microsoft Root Certificate Authority
                Issued by: Microsoft Root Certificate Authority
                Expires:   2021/5/10 7:28:13
                SHA1 hash: CDD4EEAE6000AC7F40C3802C171E30148030C072

                Issued to: Microsoft Windows Verification PCA
                Issued by: Microsoft Root Certificate Authority
                Expires:   2016/3/16 6:05:41
                SHA1 hash: 5DF0D7571B0780783960C68B78571FFD7EDAF021

                Issued to: Microsoft Windows
                Issued by: Microsoft Windows Verification PCA
                Expires:   2007/11/7 10:51:44
                SHA1 hash: E6C167825915CF2BBF4969D75DFE1BF08CE87290

                The signature is timestamped: 2007/2/16 2:08:44
                Timestamp Verified by:
                Issued to: Microsoft Root Authority
                Issued by: Microsoft Root Authority
                Expires:   2020/12/31 15:00:00
               SHA1 hash: A43489159A520F0D93D032CCAF37E7FE20A8B419

               Issued to: Microsoft Timestamping PCA
               Issued by: Microsoft Root Authority
               Expires:   2019/9/15 15:00:00
               SHA1 hash: 3EA99A60058275E0ED83B892A909449F8C33B245

               Issued to: Microsoft Timestamping Service
               Issued by: Microsoft Timestamping PCA
               Expires:   2011/9/16 10:03:00
               SHA1 hash: A1DC024FC8B2A76745D4661F663B8741C3D35313

              Number of files successfully Verified: 1
              Number of warnings: 0
              Number of errors: 0

         The bold font show that the certificate is expired! But it is seemed that the user32.dll can be loaded into PMP process, what reason?  and how to update it?



    Thursday, December 13, 2007 6:50 AM


  • This is not an issue for PMP operation.  It only means that specific certificate can no longer be used for code signing operations.



    Wednesday, December 19, 2007 12:14 AM