How can we improve the Windows dev platform?

Windows Defender SmartScreen does not show publisher name of a signed executable on v1709

I have purchased a Standard Code Signing certificate from DigiCert and I do not understand why my executable, although signed with a certificate from a trusted CA, is displayed as Unknown Publisher by Windows Defender SmartScreen.

https://i.imgur.com/BEqKcFJ.png

If I disable "Check applications and files" in "Control applications and browser" of the "Windows Defender Security Center" of Windows 10, my editor name appears correctly in the "Open File - Warning security" dialog.

https://i.imgur.com/uN7rdWe.png

So, I'd really like to understand why the SmartScreen filter in Windows Defender still says Unknown Publisher.

I understand that the SmartScreen filter is based on a reputation system and I do not question the actual display of the warning message (as my Code Signing certificate is not an EV one) but the fact that the name of the publisher is indicated as Unknown Publisher, whereas a valid signature is present.

I am signing with the latest available version of Sign Tool (v 10.016299.15) for Windows 10 SDK Kit on Windows 10 Pro edition (version 1709, build 16299.15).

I have tried to sign with sha256, with sha1, and dual-signing with both sha1 and sha256, but nothing gets rid of the Unknown Publisher from the SmartScreen filter in Windows Defender.

Again, it works well with the "Open File - Warning security" dialog box.

Trying to investigate, I have downloaded a Hyper-V virtual machine of Windows 10 from https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/

On that machine (Windows 10 Enterprise Evaluation, version 1703, build 15063.0), it works just fine and my publisher name appears on my signed executable like it should in the Windows Defender SmartScreen warning dialog.

11 votes

    Jean Traullé shared this idea

    2 comments

      • Nick commented

        I can confirm the same behaviour with our in-house CRM app. The click to run application is signed correctly (also a DigiCert code signing cert), the cert has been submitted to the MS HW Dev portal to preload it into SmartScreen, and all this works fine on 1703 and previous Win 10 builds; however, as of 1709 it generates this SmartScreen popup with no publisher shown.

        Unless we can solve this there is no way we can deploy 1709 or newer Win 10 builds to our call centre as they rely on being able to run our CRM app without admin rights (and the whole point of using click to run being that we can do rapid updates that easily install to the user profile).
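
A local check that separates the two questions raised in this thread (is the Authenticode signature valid, and which publisher name does the signing certificate carry) from what SmartScreen chooses to display. This is an added example, not part of the original post or comments; the function name `Get-PublisherSignatureReport` and the sample target (the running PowerShell host binary) are assumptions made for illustration.

```powershell
# Added example (not from the thread): report what Windows sees in a file's signature.
# Get-AuthenticodeSignature reports one signature per file, so on a dual-signed
# binary the second (nested) signature is not listed here.
function Get-PublisherSignatureReport {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$Path    # file to inspect
    )

    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $cert = $sig.SignerCertificate

    $report = [ordered]@{
        Path             = $sig.Path
        Status           = $sig.Status          # Valid, NotSigned, HashMismatch, NotTrusted, ...
        StatusMessage    = $sig.StatusMessage
        Publisher        = $null                # subject simple name of the signing cert
        Issuer           = $null                # simple name of the issuing CA
        CertSignatureAlg = $null                # algorithm the CA used to sign the cert
        NotAfter         = $null
        Timestamped      = [bool]$sig.TimeStamperCertificate
        ChainBuilds      = $false
        ChainErrors      = @()
    }

    if ($cert) {
        $simple = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
        $report.Publisher        = $cert.GetNameInfo($simple, $false)
        $report.Issuer           = $cert.GetNameInfo($simple, $true)
        $report.CertSignatureAlg = $cert.SignatureAlgorithm.FriendlyName
        $report.NotAfter         = $cert.NotAfter

        # Build the chain against the local trust stores. Revocation is skipped so the
        # check runs offline; the chain is evaluated at the current time, so an expired
        # certificate shows NotTimeValid here even if the signature was timestamped.
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode =
            [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
        $report.ChainBuilds = $chain.Build($cert)
        $report.ChainErrors = @($chain.ChainStatus | ForEach-Object { $_.Status })
    }

    [pscustomobject]$report
}

# Sample target: the PowerShell host itself, used only because it is always present.
Get-PublisherSignatureReport -Path (Get-Process -Id $PID).Path | Format-List
```

If this reports `Status = Valid` with the expected `Publisher` on both a 1703 and a 1709 machine, the signature and certificate are the same on both builds, and the difference is in how the SmartScreen dialog presents it.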
