Windows Authenticode Nag Screen

Windows Authenticode Nag Screen screenshot

Seen this nag screen? Or rather, this scare screen, from Microsoft? Let me answer that! If you install software from a vendor that hasn't been “approved” by Microsoft, you have. “Approved”, one could argue, is another word for “conned”. And you and I, the software users, are left confused. Don't be.

For a tidy little revenue stream, Microsoft charges software vendors so that this dialogue doesn't appear, and so software users aren't put off by what is generally perfectly proper software. One could argue this is more control freakery from the OS manufacturer that already is infamous for such tactics as strong-arming the world into using their second rate excuse for a web browser, Internet Explorer. I couldn't possibly comment!

Setup Unmanaged VPS (4 Noobs!) ... with vpsBible
Secure WordPress. Properly. ... with wpCop, the platform's dedicated security website
Olly 'the_guv' Connelly's site and 'WordPress 3 Ultimate Security' book.

Then again, with the Windows Authenticode nag screen, maybe they are protecting us? Hmmn, or molly-coddling? Nope, it's a red herring, a distraction, or to be more precise, it's just another revenue stream, and a cynical one at that.

How to install Windows-based software safely

If the software is on a CD from a regular source, no worries, just do it. If you want to be ultra-safe, virus-check the disc first.

If you've downloaded the software from online, always run it past your virus software. I recommend AVG Free. Then, when the Microsoft dialogue pops up, click “yes” to say you trust the publisher. And, if you're virus software is properly configured, to update those all-important virus definitions daily, you should have total trust. Those virus definitions are much more up-to-date and therefore secure, in any case, than was Microsoft's certificate, (hot off the press from their accounts department, months ago, and let's just hope the software hasn't been tampered with meantime.)

But never install anything locally, at least from a download source, that you haven't virus-checked, irrespective of Microsoft's Authenticode/Authenticon, authentically-unnecessary ransom strip.

OK, rant over. Happy times!

Disclaimer! Wanna be real safe? Use Linux or, failing that and reverting to Windoze, virus check everything new, run regular system-wide virus checks, run spyware checkers like SpyBotS&D, make sure your system is updated at Windows Update and that includes your web browser. Bin IE6 for IE7 or use Firefox/Opera/Chrome/many others instead.

… Or just turn the damn thing off and go down the pub … 🙂


About the Author:

Olly Connelly (yeah, that's me) blogs at, polices WordPress security at and helps noobs build web servers at, so if you've got sleeping problems you know where to come.


  1. the_guv  January 24, 2009

    @ Pethens. Sure, I think I’d agree, but it’s just so easy to boot into habit. A habit to break… MUST DO! One day.

  2. Fedor  January 24, 2009

    linux is the only safe way to go, for security

  3. the_guv  January 24, 2009

    @ Pethens & Fedor. Tx folks. Sure, this is cyncial, huh.

  4. Fedor  January 24, 2009

    MicroSpies. This is no surprise. Handy tip.

  5. Pethens  January 20, 2009

    MS, can’t be trusted. Tx for this, had wondered…

Add a Comment