![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 70%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
Hi , i already checked and the value under the specific directory is "1" but on scanning my machine is still showing as vulnerable.
Thank you
CVE-2013-3900 WinVerifyTrust Signature Validation Vulnerability
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 15%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Abdul Aremu
5
Reputation points
Hi All
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900
To remediate the vulnerability CVE-2013-3900 is to add the below registry values.
[HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config] "EnableCertPaddingCheck"="1"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config] "EnableCertPaddingCheck"="1"
On my Windows servers 10 i dont see the folders Wintrust\Config in registries. And when i do as said in the link, which is to put the command in a .reg file and double click it. I get the error as seen in the image attached
Windows for business | Windows Client for IT Pros | User experience | Other
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous2024-09-02T08:03:46.88+00:00 Hello,
I have not heard from you for a few days. Please let me know if there is anything that I can help here.
Best Regards,
Hania Lian
Sign in to comment
3 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 13%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGG%3C/text%3E%3C/svg%3E)
Guillaume Genest 0 Reputation points2024-09-13T18:42:47.14+00:00 Is CVE-2013-3900 really affecting windows 10/ windows 11? Do we really need to create that registry key to fix a 2013 cve?
Please advise.
-
Anonymous
2024-08-08T03:22:45.4366667+00:00 Hello.
Open the .reg file using Notepad. To do this: Right-click on the .reg file and choose ‘Edit’.
Remove the blank line at the top of the file.
Cannot import file: The specified file is not a registry script (thewindowsclub.com)
Best Regards,
Hania Lian
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
-
Manuel Ricardo Rojas Salazar 0 Reputation points2025-04-07T16:21:14.89+00:00 Ive asked to copilot and give me this code.
# Define the registry paths and values
$regPath1 = "HKLM:\Software\Microsoft\Cryptography\Wintrust\Config"
$regPath2 = "HKLM:\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config"
$regName = "EnableCertPaddingCheck"
$regValue = "1"
# Create the registry paths if they do not exist
if (-not (Test-Path $regPath1)) {
New-Item -Path $regPath1 -Force
}
if (-not (Test-Path $regPath2)) {
New-Item -Path $regPath2 -Force
}
# Set the registry values
Set-ItemProperty -Path $regPath1 -Name $regName -Value $regValue -Type String
Set-ItemProperty -Path $regPath2 -Name $regName -Value $regValue -Type String
Write-Output "Registry values set successfully."
Sign in to comment -