Showing posts from June, 2022

MeshCentral - Authenticode Time Stamp, Resources, Assistant Lock, Intel® SM, Router

MeshCentral is an open source, web based, feature packed computer management web site. MeshCentral development is continuing swiftly, and the blog posts are not keeping up with the number of features being released, so, this week’s post includes plenty of unrelated features and improvements that are making MeshCentral most customized and more secure than ever before. We have many improvements to the Authenticode feature we announced a few weeks back, code to change the resource strings within an executable, MeshCentral Assistant now has the server locking feature, Intel® Standard Manageability support was improved and more improvements to MeshCentral Router. It’s been a crazy month so far and it’s not over. In detail: Authenticode-JS Time Stamping . A few weeks back we released Authenticode-JS, the first ever fully NodeJS tool for code signing Windows executables. This last week, we improved this tool to add support for certificate authority time stamping. This allows an executable tha

MeshCentral - Authenticode Module and Automatic Agent Signing

This week is a crazy feature and in many ways an industry first for this type of software. Last week, the first ever purely NodeJS implementation of Authenticode signing was built and added to MeshCentral making it capable of signing Windows executables from any operating system. On top of that, MeshCentral now generates a code signing certificate as part of its standard certificates and automatically signs the Windows Agents. There is even an option to automatically lock the signed agent to only connect to the server that signed the agent. The net result is a Window agent that is uniquely signed to its server. In detail: MeshCentral code signing certificate . MeshCentral already generates many certificates when it first runs: Root, Agent, MPS and HTTPS. With the latest release, a code signing certificate is also generated, issued from the generated self-signed server root certificate. This private code signing certificate is not globally trusted unless the server root cert is trusted.