cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Superfreak3
Level 11

Custom Action Utilities Flagged By Windows Defender...

Jump to solution

Hi all,

This is really a two-part question.  First, why are some custom actions reported by the actual .exe or .dll name for some actions and MIS*.tmp for others?  Is that governed by the actual Custom Action type or something to that effect?  Or if some are support files and some are pulled from the Binary table, would that do it?

Secondly, and the main question...  What do you do for actions being flagged by Windows Defender?  Besides whitelisting, will signing those executables help?

With the MSI*.tmp actions/executables, will signing the actual .exe/.dll being called and referenced as .tmp in the log help?

We're starting to see more and more issues with Defender lately.

Thanks for any info you can provide.

 

Labels (1)
0 Kudos
(1) Solution

Basically yeah. I just to the default build in visual studio, then I handle everything in the post-build event.

My post build looks like this:
del /f "$(TargetDir)$(TargetName).CA.dll"
signtool HowEverYouDoYourSigningHere "$(TargetPath)"
nuget install WixToolset.Dtf.CustomAction -OutputDirectory $(ProjectDir)obj\.nuget\
$(ProjectDir)obj\.nuget\WixToolset.Dtf.CustomAction.4.0.2\tools\WixToolset.Dtf.MakeSfxCA.exe "$(TargetDir)$(TargetName).CA.dll" "$(ProjectDir)obj\.nuget\WixToolset.Dtf.CustomAction.4.0.2\tools\x86\SfxCA.dll" "$(TargetPath)" "$(TargetDir)CustomAction.config" "$(TargetDir)WixToolset.Dtf.WindowsInstaller.dll"
signtool HowEverYouDoYourSigningHere "$(TargetDir)$(TargetName).CA.dll"

1. delete the bad CA with the unsigned .dll
2. sign the CustomAction.dll
3. install WixCustomAction from nuget (to make the project more dynamic)
4. Build the CA.dll with the signed CustomAction.dll (this line will break incase WixToolset.CustomAction updates to a newer version, as the path is hardcoded. I honestly didn't care if that's the only thing I have to change in the future)
5. lastly I sign the rebuilt CA.dll file. To answer your question, yes I think you have to sign this aswell. I think I saw defender fail at it a few times when I tested before I signed it.

View solution in original post

(22) Replies

SCRATCH THAT!  In my haste to test, I didn't change the function name when I rebuilt the project for v4!!  Whew!  at any rate!  All seems to be working.  I checked the .dll in the temp area during install ant it is signed!!

Thanks so much @Locil95 for the info!!

0 Kudos

Perfect, I'm glad it worked out 👍
It's a total shame WiX doesn't support this with CustomActions. It's a total flaw if you ask me.