Microsoft Windows is flawed in the way it trusts certificates. Microsoft Windows File Protection will automatically trust software that has been digitally signed with certificates rooted in any of the Trusted Root Certification Authorities.

This can be abused by malicious persons to sign any maliciously designed code and install it on systems without alerting the user, because Windows "trusts" root certificates even if they should only be used for signing SSL certificates and not signing code. This could be done anonymously by using:
http://www.freessl.com/

Also Windows is designed to trust every version of previously published code from .CAT files, this allows malicious persons to replace new code with old buggy and vulnerable code.

This problem exists even if you have applied MS02-050 to prevent ID spoofing with digital signatures.

Solution
In our opinion no operating system or software should trust the source or origin of software or digital signatures by default. This should always be verified by a system administrator or other capable person. We recommend that you configure your Windows systems to trust as few root certificates as possible and instruct your users about the consequences (ie. they are prompted each time they enter an SSL site).
Further details available to Secunia VIM customers

Provided and/or discovered by
Forensics.org

Changelog
Further details available to Secunia VIM customers

Deep Links
Links available to Secunia VIM customers