Digital Signature Error when applying Intelligent Updaters after December 12th, 2012

Article:TECH200797  |  Created: 2012-12-12  |  Updated: 2012-12-12  |  Article URL http://www.symantec.com/docs/TECH200797
Article Type
Technical Solution


Issue



Upon running the Intelligent Updater, errors referring to the Digital Signature appear. The Intelligent Updater does not continue, and content is not updated. This occurs only with the Intelligent Updater, and not when applying LiveUpdate signatures.


Error



Possible errors:
  • Digital signature information: One of the countersignatures is not valid. The file may have been altered.

  • This package is not signed with a valid Symantec signature. This Intelligent Updater package cannot continue installing.


Environment



The issue occurs on Windows XP, 2000 and 2003 computers that have the Windows Update service disabled. The error occurs when the Intelligent Updater signature is being verified. 


Cause



These error messages appear when a computer attempts to execute a binary file that is signed with a certificate that Windows does not recognize. In this case, the Windows root certificate for legacy operating systems has expired on the client computer, so the newer certificate that is included with the Intelligent Updater is not recognized.


Solution



To solve this problem, install the latest Windows patches on the affected computers, and then run the Intelligent Updater.

The patch that resolves the problem is available from the Microsoft Web site:
Update for Root Certificates For Windows XP [April 2012] (KB931125)

For more information on Windows root certificates, read the following article from the Microsoft Knowledge Base:
Windows root certificate program members




Article URL http://www.symantec.com/docs/TECH200797


Terms of use for this information are found in Legal Notices