I only know about CVE-2013-3900 (WinVerifyTrust) which allows modified files to pass signature check unless you tweak registry to enable patches.
I think there must be other instances like this where Microsoft won’t fix vulnerability or chooses insecure defaults, is there a list?
You must log in or # to comment.
Highly depends on your definitions of the words “vulnerabilities,” “Windows,” and “patched.” By Microsoft’s definitions of these words, the answer would be no.
A fair number of vulnerabilities exist where a patch or mitigation exists, but hasn’t been widely applied for various reasons.
