Hacker News new | past | comments | ask | show | jobs | submit login

It means generating a signature of the binaries being installed, and having this signature be authenticated by Microsoft (using their signing key).

The signature is distributed alongside the binaries.

I'm not certain if the Windows Update system uses the same Autheticode system used for application binaries, but you can start reading here:


Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact