none
WindowsApps Folder Protections RRS feed

  • Question

  • Windows 10 store apps deploy to c:\Program Files\WindowsApps.  I have become aware that only the app deployment package is signed.  The binaries for the app (exe and dll) are not signed.

    The concern is that the binary could be somehow modified.  WindowsApps seems to have allot of protection beyond the protections of the Program Files folder.  even if I take control I still cannot replace files with full admin permissions.  

    I am looking for some documentation on why these binaries are secure if they are not signed.  I did find this...

    https://docs.microsoft.com/en-us/windows/threat-protection/overview-of-threat-mitigations-in-windows-10

    But it doesn't address what is signed during certification or how WindowsApps folder is protected.

    Does anyone have documentation how how these files are considered to be a trusted app if the are not signed?  Or how they are protected in the WindowsApps folder?

    Thursday, December 28, 2017 11:07 PM