Richard Realejo 1 Reputation point

The WinVerifyTrust Signature Validation CVE-2013-3900 Mitigation (EnableCertPaddingCheck) recently started appearing on my Windows 10 machines.
I've read that the solution is to add the following to the registry


My question is, will this create a REG_SZ string value or a DWORD value, and which one should it be?


Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,780 questions
{count} votes

6 answers

Sort by: Most helpful
  1. 2023-04-18T19:08:16.5833333+00:00

    trying making sure the 1 is a DWORD and not REG_SZ

    2 people found this answer helpful.
    0 comments No comments

  2. jandec 6 Reputation points

    When following the instructions and creating the .reg files as published in https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2013-3900, the registry keys are created as REG_SZ.


    1 person found this answer helpful.

  3. Matt D. Sardi 35 Reputation points

    These registry keys will not remediate this issue. I have another request open for Microsoft to provided an updated and correct solution.

    1 person found this answer helpful.

  4. Machado, Claudemar (contracted) 0 Reputation points

    Hi, once I have created as REG_SZ, should I use content number 1 or the word "enable". ?

  5. Walsh, Liam 36 Reputation points

    What is the impact of this change? (apart from satisfying a vulernability scanner)