Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

We are often asked from concerned customers if our installers have been infected with malware, or if third parties have included toolbars and additional download items to our installer.

We take the provenance of our downloads seriously. If you believe that a download has been compromised, please contact us immediately, after finding that any of the following checks fail.

The following steps will enable to you confirm that the file you downloaded is byte for byte, the one created by our build process.

If any of the checks below fail, then the file is not to be trusted; please re-download using only links on www.macrium.com

You can read more about code signing and the assurance it confers here.
http://msdn.microsoft.com/en-us/library/ie/ms537361%28v=vs.85%29.aspx
 

  1. Right click on the downloaded file, and chose properties:

    1. Check that the file has a digital signature (if not, the digital signature tab is not present).

    2. Select digital signatures tab.
      There will be two signatures, sha1 and sha256. Having two signatures ensures complete coverage for all Windows Operating Systems:

    3. Check the digital signatures are valid, Click details on both certificates.  




  2. Verify the code signing, confirming that the file hasn't been modified and then resigned with a certificate that resembles ours:

    1.  Click view certificate button.

    2. Click details tab.
      1. The thumbprint for the sha1 certificate should be: ‎bca4ffa119ef2e96a573e9d7b4aa35b832ff7161  OR
        1d5389e819282db693e5a44dc50987af278c765d  depending on the date of the signature


          

      2. The sha256 certificate should be: 282c3f64b5f33fa789cd23660953eb5301e5e001




  • No labels