Digital signature is added automatically to TVL without user's approval

The bug/issue

  1. What you did:
    launched AutoUpdateIt.au3

  2. What actually happened or you actually saw:
    digital signature of Autoit3.exe (which was called by AutoUpdateIt.au3) was added to TVL

  3. What you expected to happen or see:
    digital signature of Autoit3.exe is not being added to TVL unless i specify this explicitly

  4. How you tried to fix it & what happened:n/a

  5. If its an application compatibility problem have you tried the application fixes here?:n/a

  6. Details (exact version) of any application involved with download link:
    AutoIt v3.3.6.1 AutoIt Downloads - AutoIt

  7. Whether you can make the problem happen again, and if so exact steps to make it happen:

  • install AutoIt v3.3.6.1
  • install CIS
  • Delete “Jonathan Benett” entity from TVL of D+, apply
  • start AutoUpdateIt.au3
  1. Any other information:
    if Autoit3.exe is in the Trusted files list, then digital signature won’t be added to TVL automatically.

Files appended. (Please zip unless screenshots).

  1. Screenshots illustrating the bug:n/a
  2. Screenshots of related CIS event logs and the Defense+ Active Processes List:n/a
  3. A CIS config report or file. attached
  4. Crash or freeze dump file:n/a

Your set-up

  1. CIS version, AV database version & configuration used:
    v5.3. .1216, AV not installed, proactive config

  2. a) Have you updated (without uninstall) from CIS 3 or 4: no
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: n/a

  3. a) Have you imported a config from a previous version of CIS: no
    b) if so, have U tried a standard config (without losing settings - if not please do)?:n/a

  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.):n/a

  5. Defense+, Sandbox, Firewall & AV security levels: D+= safe, Sandbox=disabled , Firewall = safe , AV = not installed

  6. OS version, service pack, number of bits, UAC setting, & account type:
    XP SP3 x86, admin account

  7. Other security and utility software installed: none

  8. Virtual machine used (Please do NOT use Virtual box):n/a

[attachment deleted by admin]

If you uncheck Automatically scan unrecognized files in the cloud, a vendor that is in TVL in the cloud will not be added to the local TVL.

I know this, nevertheless i do not expect digital signature being added to TVL automatically. It is ok for CIS to put file to Trusted files once it is recognised by hash sum, but it’s overkill to put vendor’s digital signature to TVL automatically.

Sorry this is default behavior, if you want it to change please post in Wishlist or disable cloud in Defense+ like I have.


Already done, but thanx anyway