呵呵，原来是avast

360Tencent

https://blog.avast.com/2012/04/1 ... erability-ms12-024/

This issue was discovered and researched by us; we have been in contact with Microsoft engineers for the past few months to fix this problem. The aim of this blog post is to explain the problem, the risks, and possible consequences of the fix.

http://bbs.360.cn/3451604/253667214.html?recommend=1

北京时间4月11日凌晨，微软向全球用户发布6款补丁，用于修复Windows、IE、Office等系统和软件的11个漏洞。其中，安全公告编号为MS12-024的补丁修复了Windows平台签名认证的高危漏洞，可以防范木马伪造数字签名获得“合法身份”。目前，360安全卫士已第一时间向全体用户推送补丁，建议广大网民尽快修复。

360安全专家介绍，数字签名相当于软件的身份证，正规软件开发者通常会对软件代码进行数字签名，从而证明软件没有被非法篡改且来源可信。一旦Windows平台签名认证漏洞遭黑客利用，将意味着木马可以伪造微软及其他一些公司的数字签名，从而被杀毒软件误认为正规公司发布的合法程序，漏洞危害极为严重。

Windows平台签名认证漏洞
安全公告：MS12-024；知识库编号：KB2653956；级别：高危
补丁描述：本补丁修复了Windows中存在的一个秘密报告的安全漏洞，当存在漏洞的用户运行一个精心构造的程序时，可能引发攻击者的恶意代码得到执行，安装恶意程序或窃取用户隐私。
影响系统：Windows全平台

博客里还介绍了一些细节

The processing consists of two steps; the first step is to make sure that the file hasn’t been tampered with. The code applies complex mathematical algorithms to verify that the file has not been modified in any way, and the file is exactly the same as it was at the moment it was signed. When this is confirmed, the second step is to check whether the particular signer is actually trusted by the system. The system’s certificate store is consulted and the chain of trust is verified.

However, as it turns out, there is a problem in the first step. A signed executable can be modified in such a way that it uses/executes a modified (and possibly malicious) part of the code, yet the file’s signature still remains valid. This destroys the key property of digital signatures – ensuring that a signed file has not been tampered with.

UDady

avast还是很敬业的

也不知道谁

不错不错，真是好啊~

仯釕↘①訜執著

小A是很重视用户的。。。  这点 希望国内安全软件借鉴！

253494518

不错，感谢分享

lbxz

支持小a

chinaqiaobo

小a果然又给了我信心

young2288

感觉avast7没以前版本轻巧了,用2 天就换了

w可a了d

支持小a

gaowenwen

小A布错  支持