Why else would they leave a known vulnerability unfixed for two years!?
ISTM that someone else found out about the vulnerability ("... which Microsoft acknowledged was actively being exploited.") -- perhaps after the NSA used it against them? -- so now that the cat is out of the bag and they are at risk of compromise -- they let Microsoft know and get it fixed.
This doesn't seem like the kind of vulnerability a security service would really care about. It's just about whether Windows does or doesn't show a nag prompt when trying to run the malicious file.
I doubt there are any real systems where the only thing standing between the system being secure or not is Windows code signing.
> This doesn't seem like the kind of vulnerability a security service would really care about. It's just about whether Windows does or doesn't show a nag prompt when trying to run the malicious file.
And yet, if memory serves, they went to the trouble of stealing a code-signing certificate from a software development company so that they could do exactly that in an Iranian nuclear facility!
Besides, even if this one weren't all that useful on its own, we've seen time and again how a few of these "minor" vulnerabilities can be "chained" together, eventually resulting in a full compromise.
To be specific, in that case the NSA wanted to install a malicious driver on Windows machines that required driver signature enforcement, so there was no other way to get a driver installed except to steal a certificate to sign their driver.
Why wouldn't a security service care about the ability to hide malicious executable payloads in files that are presented as having a higher-than-normal level of trustworthiness?