my personal blog about systemcenter

Building new reference machine with “new “Edge and finding a google Cert

I was building a new reference image for my Windows PC

PS C:\Program Files (x86)\Microsoft\Edge\Application> $EDGE = Get-SystemDriver -ScanPath `C:\Program Files (x86)\Microsoft\Edge\Application’ -UserPEs

PS C:\Program Files (x86)\Microsoft\Edge\Application> New-CIPolicy -FilePath EDGE.xml -DriverFiles $EDGE -Level FilePUBLISHER -UserPEs

Running the file level scan for publisher to see whats “around”

    <Signer ID=”ID_SIGNER_F_71″ Name=”DigiCert SHA2 Assured ID Code Signing CA”>

      <CertRoot Type=”TBS” Value=”E767799478F64A34B3F53FF3BB9057FE1768F4AB178041B0DCC0FF1E210CBA65″ />

      <CertPublisher Value=”Google LLC” />

      <FileAttribRef RuleID=”ID_FILEATTRIB_F_21″ />


Outside of the Microsoft certificate there was a reference to a Google Certificate

    <FileAttrib ID=”ID_FILEATTRIB_F_21″ FriendlyName=”C:\Program Files (x86)\Microsoft\Edge\Application\79.0.309.71\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll FileAttribute” FileName=”widevinecdm.dll” MinimumFileVersion=”4.10.1440.18″ />

Looking at the file its cross signed with both Microsoft and Google

Will create the policy without the Google signer for now 🙂