new version 9.4 have signature problem after download

new version 9.4 have signature problem after download

For me it says "valid signature". Can you post some screenshot please?

I'm also having this problem. Windows 10 gave a strong warning before letting me install it, and my company's anti-virus keeps uninstalling the newest version because of the signature problem.

I fi I download the installer the resul was in the attachement

If I download the installer the resul was in the attachement

You appear to be using Internet Explorer to download the file. Could you please try with a different browser?

IE gives certification error, so used firefox to download the file. Even though the file is downloaded now Symantec considers the file to be a security risk.

Yes, with IE error, with Firefox run fine

Symantec again, sigh. It's the third or fourth time it does a false positive detection in heidisql.exe. I always need to post the new file to their report page in order to get rid of the false positive detection. However, I will first check the corrupt signature, which is most probably due to its expiry.

Firefox also works here, only IE complains about a corrupt certificate.

I have rechecked the certificate and see it is not yet expired. The certificate has a validation interval from Nov 30 2015 up to Nov 29 2016. See attached screenshot.

I also checked since which Heidi build the certificate in IE is "broken", and found that it started on the first build of January 2016. I also found this thread saying that IE does not accept SHA-1 signatures any longer due to insecurity reasons, since January 2016. I should be able to update the certificate to SHA-2 and rebuild the new Heidi release.

Done! The 9.4 release and last build (and all builds in the future) should contain the updated, sha-2 based certificate.

Only my Internet Explorer shows a different message now after downloading (see attachment), saying

This program was downloaded rarely, and it could probably damage your computer

Wtf? I guess that means the certificate is ok now, and this is some additional security message?

Funny, no antivirus actually detects the original 9.4 release as virus, not even Symantec:

https://www.virustotal.com/es/file/6a4ae5f472ce03f1dc8dafcba8b545c53ac9b93ca6208c1266c66f98e354a1aa/analysis/

It all appears to originate from a foolish security approach like: "never seen this file before, it must be bad".

Thanks, will confirm, once the updated definitions are uploaded.

Symantec again, sigh. It's the third or fourth time it does a false positive detection in heidisql.exe. I always need to post the new file to their report page in order to get rid of the false positive detection. However, I will first check the corrupt signature, which is most probably due to its expiry.

Downloaded through IE and installed in the system. No Smart screen filter restriction and symantec allows normal installation. Thanks.

Thanks, will confirm, once the updated definitions are uploaded.

Symantec again, sigh. It's the third or fourth time it does a false positive detection in heidisql.exe. I always need to post the new file to their report page in order to get rid of the false positive detection. However, I will first check the corrupt signature, which is most probably due to its expiry.