Is it possible for a digitally signed application to be infected by a virus?

I downloaded the "Java Development Kit" from my college computer. The computer that I used to download the software was full of viruses and malware. I scanned the software with an antivirus program and the software was OK. I checked the software properties and there was a digital signature on the software.

Digital Signature snapshot

So I wanted to ask the following 2 questions:

  1. Does a digital signature on an application guarantee that it has not been infected by a virus or altered by any means?

  2. Is it possible that the digital signature remains intact even after the software gets infected by a virus?


Solution 1:

Yes, it is possible, but it is highly unlikely that you will be affected by such a thing. It does happen, however.

A digital signature does not guarantee that a program is free from malware - yes, it's supposed to, but if someone cracks into a database and steals digital signatures / certificates they can sign whatever they please. If the verification path can be trusted, then a digital signature will tell whether the integrity of the program is compromised (i.e., the program has been modified after it was signed).
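
The cases discussed above, as an added example that is not part of the original post: a code signature is modelled as a SHA-256 digest signed with toy textbook RSA (no padding, illustration only). The keys, file bytes and function names are constructed assumptions, and a real code-signing check also validates the certificate chain.

```python
import hashlib

def make_key(p, q, e=65537):
    """Toy textbook-RSA key pair (no padding); illustration only."""
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def digest(data, n):
    # The signature covers a hash of the file bytes, not the bytes themselves.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, key):
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(data, sig, key):
    # Uses only the public half (n, e) of the key.
    return pow(sig, key["e"], key["n"]) == digest(data, key["n"])

# Constructed keys from known Mersenne primes (assumptions, not real vendor keys).
VENDOR = make_key(2**521 - 1, 2**607 - 1)
OTHER = make_key(2**127 - 1, 2**89 - 1)

def scenarios():
    original = b"constructed installer bytes v1.0"
    modified = original + b" + bytes added after signing"
    vendor_sig = sign(original, VENDOR)
    return {
        # Untouched file: signature verifies.
        "untouched": verify(original, vendor_sig, VENDOR),
        # File changed after signing: the old signature no longer matches.
        "modified_old_sig": verify(modified, vendor_sig, VENDOR),
        # Modified file re-signed by someone else: valid for that signer,
        # but not for the vendor, so the signer identity must be checked.
        "resigned_vs_other": verify(modified, sign(modified, OTHER), OTHER),
        "resigned_vs_vendor": verify(modified, sign(modified, OTHER), VENDOR),
        # Vendor key stolen: bad content signed with it verifies as the vendor.
        "stolen_key": verify(modified, sign(modified, VENDOR), VENDOR),
    }

if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name:20} valid={ok}")
```

Only the last case passes as the vendor despite the changed content, which is why a valid signature shows who signed the bytes and that they are unchanged since signing, not that they are harmless.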