Related: BigFix 9.5 Patch 2 is now available
This happens in IE on Win10 as well as Windows Server.
This is because the digital signature is currently leveraging a SHA1 digest ( http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx ). I’ll follow up on this, thanks!
I just checked, and the SHA256 of the files themselves match the SHA256 of the download in the fixlet content.
We are aware of this requirement on the new Windows but it is not supposed to be being enforced until next year so Microsoft is not following its own timeline if that kind of warning is being shown. The SHA1 signing is valid however.
Is the rule similar to SSL where the signature must only be valid until Dec 31st 2016?
I just ran the console installer download through Google Chrome, and SmartScreenFilter on Win10 didn’t like it and made me choose “Run Anyway” in order to proceed which is likely due to the signature issue as well.