Prev: Error code 646
Next: Windows Update error 80070643
From: J on 17 Apr 2010 00:15
Customers with KB978601 installed are unable install one of our
software products. They get the error "invalid digital signature" when
the installer reaches the last cab file. I was able to reproduce the
problem on Windows 7 and XP (both with the latest updates), and also
verified the problem goes away after uninstalling KB978601.

The following error message was logged: "Error 1330. A file that is
required cannot be installed because the cabinet file setup11.cab has
an invalid digital signature. This may indicate that the cabinet file
is corrupt. Error 24592 was returned by WinVerifyTrust."

Our product comes with 11 cab files. Only the last one gives the
error. When you right-click on the cab file and view the certificate,
the message is "This digital signature is not valid."

This problem just started happening yesterday (4/15/10).

Any ideas or similar experiences?

From: PA Bear [MS MVP] on 17 Apr 2010 02:28
Is the digital signature valid?

For home users (only), no-charge support is available by calling
1-866-PCSAFETY (and/or 1-866-234-6020 and/or 1-800-936-5700) in the United
States and in Canada or by contacting your local Microsoft subsidiary.
There is no-charge for support calls that are associated with security
updates. When you call, clearly state that your problem is related to a
Security Update and cite the update's KB number (e.g., KB978601).

Or you can...

Start a free Windows Update support incident request:
https://support.microsoft.com/oas/default.aspx?gprid=6527

Customers who experience issues installing Microsoft security updates also
can visit the following pages for assistance:
https://consumersecuritysupport.microsoft.com/
http://support.microsoft.com/ph/6527#tab3

For more information about how to contact your local Microsoft subsidiary
for security update support issues, visit the International Support Web
site: http://support.microsoft.com/common/international.aspx

For enterprise customers, support for security updates is available through
your usual support contacts.


J wrote:
> Customers with KB978601 installed are unable install one of our
> software products. They get the error "invalid digital signature" when
> the installer reaches the last cab file. I was able to reproduce the
> problem on Windows 7 and XP (both with the latest updates), and also
> verified the problem goes away after uninstalling KB978601.
>
> The following error message was logged: "Error 1330. A file that is
> required cannot be installed because the cabinet file setup11.cab has
> an invalid digital signature. This may indicate that the cabinet file
> is corrupt. Error 24592 was returned by WinVerifyTrust."
>
> Our product comes with 11 cab files. Only the last one gives the
> error. When you right-click on the cab file and view the certificate,
> the message is "This digital signature is not valid."
>
> This problem just started happening yesterday (4/15/10).
>
> Any ideas or similar experiences?

From: sgillbee on 21 Apr 2010 14:38

We've run into this issue with KB978601 also.

The key issue here is that MS stepped up enforcement in the signature
validation subsystem in such a way that previously valid signatures now
don't validate.

It's a simple test:
1. Uninstall KB978601
2. Validate the signature (look in file properties). It's okay.
3. Install KB978601
4. Validate the signature again. Now it's invalid. Same file. Nothing
changed except for WinTrust.dll (the core Authenticode DLL in Windows
that is updated by KB978601).

For our situation, the cab files that fail post-KB978601 validation are
all similar: they all contain only 1 zero-length file. So essentially
these cabs are empty (just a file list with no real contents). As soon
as we put some dummy data in the cab file (20 characters in our case),
the signature validated just fine.


--
sgillbee
Posted via http://www.win7heads.com

 | 
Pages: 1
Prev: Error code 646
Next: Windows Update error 80070643