[KB5858] Signature of ESET Live Installer is corrupt or invalid

Problème

  • You receive an error message about a corrupted/invalid signature after downloading ESET Live Installer

    Figure 1-1

 

The signature is actually valid; however, due to a new policy introduced by Microsoft at the beginning of this year, files that have been signed with a SHA-1 code-signing certificate, and that have been time-stamped with a value greater than January 1, 2016, will no longer be considered as "trusted."

Affected operating systems:

  • Windows 7 and later
  • Windows Server operating systems

Affected browsers:

  • Microsoft Internet Explorer
  • Microsoft Edge

Détails

This security measureme from Microsoft is in response to recent attacks on the SHA-1 algorithm. For more details, please see the following article from Microsoft:
http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx

Solution

ESET will sign all affected files with a new signature soon, which will resolve this issue. To run ESET Live Installer in th meantime, click View downloads, right-click the ESET Live Installer file and in then select Run anyway from the context menu.

Figure 1-2

 

You can now proceed with the installation.

Not recommended for all files 

Running applications with corrupted or invalid signatures is not a good security practice; the steps abov should not be applied to all files.