Hi,
Is anyone familiar with this policy?
https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-process_mitigation_binary_signature_policy
Specifically, I’m trying to understand the meaning of MitigationOptIn
Does having it ‘on’ means:
- An image must be signed by Microsoft AND the store AND WHQL (all of them together) in order to be loaded by the process
- An image must be signed by at least one of the following: { Microsoft ,store, WHQL } in order to be loaded by the process
I tend to believe it’s (2), but the documentation is not clear to me. I’ve tried to look into ci.dll but it requires some digging.
Thanks!