昨天,我正在和PowerShell 编辑器服务开发一个工具。在内部,它使用命名管道在客户端和服务器之间进行通信。它们都在本地运行。
有一次,名为管道的服务器停止响应。然后我开始注意到我的系统存在一系列问题。
首先,PowerShell VS Code 扩展也无法连接。它就像我的测试应用程序一样挂起。它还默认使用命名管道以及 PowerShellEditorServices。
其次,Get-ExecutionPolicy在 PowerShell 7.3.8 中运行,返回以下内容。
get-executionPolicy: The 'get-executionPolicy' command was found in the module 'Microsoft.PowerShell.Security', but the module could not be loaded due to the following error: [The following error occurred while loading the extended type data file:
, C:\program files\powershell\7\Modules\Microsoft.PowerShell.Security\Security.types.ps1xml: The file was skipped because of the following validation exception: File C:\program files\powershell\7\Modules\Microsoft.PowerShell.Security\Security.types.ps1xml cannot be loaded because its operation is blocked by software restriction policies, such as those created by using Group Policy..
]
For more information, run 'Import-Module Microsoft.PowerShell.Security'.
如果我以管理员身份启动 PowerShell,则可以成功运行此命令。此外,Windows PowerShell 不会遇到这些问题。
最后,我注意到任务栏上的 Visual Studio 快捷方式不起作用。它设置为以管理员身份运行,单击时,它显示该应用程序已被我的管理员阻止(我是本地管理员)。
这似乎是 App Locker、Defender 或 GP 的问题,但我在域外运行,没有配置任何这些。这几乎就像 Windows 认为我在做一些可疑的事情,现在已经以某种方式锁定了我的计算机。
我在事件日志中找不到任何内容来表明为什么会发生这种情况。
Windows 11 版本 22H2(操作系统内部版本 22621.2428)PowerShell 7.3.8
编辑:我意识到某些 Microsoft 证书不受信任。我尝试了 pwsh.exe 和 devenv.exe。另一方面,git 凭据管理器是有效的。
adamr ~ 0ms⠀ Get-AuthenticodeSignature "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\IDE\devenv.exe" | Format-List
SignerCertificate : [Subject]
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Issuer]
CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Serial Number]
330000034D4E91A61A28B0788F00000000034D
[Not Before]
3/16/2023 1:43:28 PM
[Not After]
3/14/2024 1:43:28 PM
[Thumbprint]
6E78B3DCE2998F6C2457C3E54DA90A01034916AE
TimeStamperCertificate : [Subject]
CN=Microsoft Time-Stamp Service, OU=Thales TSS ESN:FC41-4BD4-D220, OU=Microsoft Ireland
Operations Limited, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Issuer]
CN=Microsoft Time-Stamp PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Serial Number]
33000001B9F6000D65544FBC030001000001B9
[Not Before]
9/20/2022 3:22:17 PM
[Not After]
12/14/2023 2:22:17 PM
[Thumbprint]
C7621E187864E7C310933CD25A49C670B8DF813A
Status : NotTrusted
StatusMessage : File C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\IDE\devenv.exe is
signed but the signer is not trusted on this system.
Path : C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\IDE\devenv.exe
SignatureType : Authenticode
IsOSBinary : False
adamr ~ 61ms⠀ Get-AuthenticodeSignature "C:\Program Files\PowerShell\7\pwsh.exe" | Format-List
SignerCertificate : [Subject]
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Issuer]
CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Serial Number]
330000034D4E91A61A28B0788F00000000034D
[Not Before]
3/16/2023 1:43:28 PM
[Not After]
3/14/2024 1:43:28 PM
[Thumbprint]
6E78B3DCE2998F6C2457C3E54DA90A01034916AE
TimeStamperCertificate : [Subject]
CN=Microsoft Time-Stamp Service, OU=nShield TSS ESN:8D00-05E0-D947, OU=Microsoft America
Operations, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Issuer]
CN=Microsoft Time-Stamp PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Serial Number]
33000001CD55072AE7CAC1991D0001000001CD
[Not Before]
5/25/2023 2:12:05 PM
[Not After]
2/1/2024 1:12:05 PM
[Thumbprint]
68A9F7A6D8A2B3B916632126227C6A2554E77204
Status : NotTrusted
StatusMessage : File C:\Program Files\PowerShell\7\pwsh.exe is signed but the signer is not trusted on this
system.
Path : C:\Program Files\PowerShell\7\pwsh.exe
SignatureType : Authenticode
IsOSBinary : False
adamr ~ 19ms⠀ Get-AuthenticodeSignature "C:\Program Files\PowerShell\7-preview\pwsh.exe" | Format-List31
SignerCertificate : [Subject]
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Issuer]
CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Serial Number]
330000034D4E91A61A28B0788F00000000034D
[Not Before]
3/16/2023 1:43:28 PM
[Not After]
3/14/2024 1:43:28 PM
[Thumbprint]
6E78B3DCE2998F6C2457C3E54DA90A01034916AE
TimeStamperCertificate : [Subject]
CN=Microsoft Time-Stamp Service, OU=nShield TSS ESN:A000-05E0-D947, OU=Microsoft America
Operations, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Issuer]
CN=Microsoft Time-Stamp PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Serial Number]
33000001D07708AAEFA317C6DD0001000001D0
[Not Before]
5/25/2023 2:12:14 PM
[Not After]
2/1/2024 1:12:14 PM
[Thumbprint]
BCB7C853F0A2945FDD6553916A44FF427EEF4C89
Status : NotTrusted
StatusMessage : File C:\Program Files\PowerShell\7-preview\pwsh.exe is signed but the signer is not trusted
on this system.
Path : C:\Program Files\PowerShell\7-preview\pwsh.exe
SignatureType : Authenticode
IsOSBinary : False
adamr ~ 18ms⠀ Get-AuthenticodeSignature "C:\Program Files\JetBrains\Rider\r2r\2023.2.1R\91943D6DE4B105C375F
B095E3498CF0\git-credential-manager.exe" | Format-List
SignerCertificate : [Subject]
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Issuer]
CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Serial Number]
33000001519E8D8F4071A30E41000000000151
[Not Before]
5/2/2019 4:37:46 PM
[Not After]
5/2/2020 4:37:46 PM
[Thumbprint]
62009AAABDAE749FD47D19150958329BF6FF4B34
TimeStamperCertificate : [Subject]
CN=Microsoft Time-Stamp Service, OU=Thales TSS ESN:12BC-E3AE-74EB, OU=Microsoft America
Operations, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Issuer]
CN=Microsoft Time-Stamp PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
[Serial Number]
33000000F8C25F33D0B58F15040000000000F8
[Not Before]
10/24/2018 4:14:29 PM
[Not After]
1/10/2020 3:14:29 PM
[Thumbprint]
FA730D24002085268FD7E5261FDF819EF3031B99
Status : Valid
StatusMessage : Signature verified.
Path : C:\Program
Files\JetBrains\Rider\r2r\2023.2.1R\91943D6DE4B105C375FB095E3498CF0\git-credential-manager.exe
SignatureType : Authenticode
IsOSBinary : False