KB978601 causes "invalid digital signature" error with a CAB file

Customers with KB978601 installed are unable install one of our
software products. They get the error "invalid digital signature" when
the installer reaches the last cab file. I was able to reproduce the
problem on Windows 7 and XP (both with the latest updates), and also
verified the problem goes away after uninstalling KB978601.

The following error message was logged: "Error 1330. A file that is
required cannot be installed because the cabinet file setup11.cab has
an invalid digital signature.  This may indicate that the cabinet file
is corrupt.  Error 24592 was returned by WinVerifyTrust."

Our product comes with 11 cab files. Only the last one gives the
error. When you right-click on the cab file and view the certificate,
the message is "This digital signature is not valid."

This problem just started happening yesterday (4/15/10).

Any ideas or similar experiences?

0
J
4/17/2010 4:15:38 AM
windowsupdate 1336 articles. 0 followers. Follow

3 Replies
3248 Views

Similar Articles

[PageSpeed] 39

Is the digital signature valid?

For home users (only), no-charge support is available by calling 
1-866-PCSAFETY (and/or 1-866-234-6020 and/or 1-800-936-5700) in the United 
States and in Canada or by contacting your local Microsoft subsidiary. 
There is no-charge for support calls that are associated with security 
updates.  When you call, clearly state that your problem is related to a 
Security Update and cite the update's KB number (e.g., KB978601).

Or you can...

Start a free Windows Update support incident request:
https://support.microsoft.com/oas/default.aspx?gprid=6527

Customers who experience issues installing Microsoft security updates also 
can visit the following pages for assistance:
https://consumersecuritysupport.microsoft.com/
http://support.microsoft.com/ph/6527#tab3

For more information about how to contact your local Microsoft subsidiary 
for security update support issues, visit the International Support Web 
site: http://support.microsoft.com/common/international.aspx

For enterprise customers, support for security updates is available through 
your usual support contacts.


J wrote:
> Customers with KB978601 installed are unable install one of our
> software products. They get the error "invalid digital signature" when
> the installer reaches the last cab file. I was able to reproduce the
> problem on Windows 7 and XP (both with the latest updates), and also
> verified the problem goes away after uninstalling KB978601.
>
> The following error message was logged: "Error 1330. A file that is
> required cannot be installed because the cabinet file setup11.cab has
> an invalid digital signature.  This may indicate that the cabinet file
> is corrupt.  Error 24592 was returned by WinVerifyTrust."
>
> Our product comes with 11 cab files. Only the last one gives the
> error. When you right-click on the cab file and view the certificate,
> the message is "This digital signature is not valid."
>
> This problem just started happening yesterday (4/15/10).
>
> Any ideas or similar experiences? 

0
PA
4/17/2010 6:28:18 AM
On 2010-04-17 4:15 p.m., J wrote:

> The following error message was logged: "Error 1330. A file that is
> required cannot be installed because the cabinet file setup11.cab has
> an invalid digital signature.  This may indicate that the cabinet file
> is corrupt.  Error 24592 was returned by WinVerifyTrust."
>
> Our product comes with 11 cab files. Only the last one gives the
> error. When you right-click on the cab file and view the certificate,
> the message is "This digital signature is not valid."

I'd hazard a guess that the file will need to be resigned.  Update KB978601 
changes the way in which cabinet and executable files are signed; I'm not expert 
in this area, but from my interpretation of it this change will invalidate 
previously good signatures under certain circumstances.

You might get better advice in microsoft.public.security.crypto.

   Harry.

-- 
Harry Johnston
http://harryjohnston.wordpress.com
0
Harry
4/19/2010 2:55:18 AM
We've run into this issue with KB978601 also.

The key issue here is that MS stepped up enforcement in the signature
validation subsystem in such a way that previously valid signatures now
don't validate.

It's a simple test:
1. Uninstall KB978601
2. Validate the signature (look in file properties). It's okay.
3. Install KB978601
4. Validate the signature again. Now it's invalid. Same file. Nothing
changed except for WinTrust.dll (the core Authenticode DLL in Windows
that is updated by KB978601).

For our situation, the cab files that fail post-KB978601 validation are
all similar: they all contain only 1 zero-length file. So essentially
these cabs are empty (just a file list with no real contents). As soon
as we put some dummy data in the cab file (20 characters in our case),
the signature validated just fine.


-- 
sgillbee
Posted via http://www.win7heads.com

0
sgillbee
4/21/2010 6:38:26 PM
Reply:

Similar Artilces:

KB978601 causes "invalid digital signature" error with a CAB file
Customers with KB978601 installed are unable install one of our software products. They get the error "invalid digital signature" when the installer reaches the last cab file. I was able to reproduce the problem on Windows 7 and XP (both with the latest updates), and also verified the problem goes away after uninstalling KB978601. The following error message was logged: "Error 1330. A file that is required cannot be installed because the cabinet file setup11.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt. Error 24592 was retu...

files in c:\windows\installer have invalid digital signature
This is the advanced question about files in c:\windows\installer:I  have noticed that some of msi-files located there have invalid digital signatureand some have valid one. What is it caused by? If these files are created by WindowsInstaller why some have correct signature and some not? Is there a way to repairthe installer?The second question is about files in the same directory created by InstallShield installerlike ARPPRODUCTICON and shorcuts. If i look the properties of these files they show somethingodd: there is two line menu on the top of window. Again is there a way ...

Problem with invalid digital signature
Hi, I am working on a samll vbscript application which will read all the mail items in folder. here is the sample code block For Each item in folder.Items Set ObjItem = item ****Some code to prepare the file path**** objSafeMailItem.SaveAs strFilePath, 3 next If Err.Number <> 0 Then LogStdWarn (Err.Number & " : " & Err.Source & " : " & Err.Description) LogStdWarn (" " & "For each Loop Failed") Err.Clear End if I ahve few mails in my folder which are having invalid signature and I am getting popup dialog when I open t...