Didier Stevens

Saturday 17 December 2011


Filed under: Windows 7,Windows Vista — Didier Stevens @ 17:36

I’ve talked about using the FORCE_INTEGRITY flag with EXEs, but how about DLLs? Its effect is similar.

If flag FORCE_INTEGRITY is set for a DLL, and the DLL is not signed or the signature is invalid, Windows will not load the DLL inside a process.

The error code will be 577, or:

Windows cannot verify the digital signature for this file.
A recent hardware or software change might have installed
a file that is signed incorrectly or damaged, or that might
be malicious software from an unknown source.

Blog at WordPress.com.