Windows code signing certificates for Python 3.12.8, 3.13.1 revoked

We have been made aware that the code signing certificates used for our 3.12.8 and 3.13.1 releases on Windows may have been used to sign malicious code. As a precautionary measure, the certificate has been revoked, which may result in Windows warning about or refusing to execute these versions of Python. Additionally we’ve rotated all secrets related to code signing for Windows.

At this point there is also no indication that CPython build infrastructure or signing has been compromised after auditing the artifacts and build processes for the mentioned Python releases. Our signing infrastructure generates new certificates frequently, and so these are the only affected releases (see the explanation at the end of Download Python | Python.org). There are no known issues with those releases, but the certificate has been revoked to help reduce the risk of malicious code hiding behind our reputation.

As a workaround, we suggest updating to 3.12.10 or 3.13.7.

At this stage, no further information is available, and the investigation into whether, and how, our certificate was misused is ongoing. We were already following secure practices for handling code signing certificates, and have taken additional steps to ensure that our infrastructure is not persistently compromised. We will provide updates on this thread as they become available.


Upon further investigation, it has been confirmed that the malicious code bearing our code signing certificate was not correctly signed, and as such we are assured that no compromise of any of our infrastructure has occurred.

The issue arose due to scanning tools that misidentified malware as being signed by us, despite the signature being invalid. We understand that the issue was related to the malware using PyInstaller and bundling our official binaries, which means the malware did contain our public certificate, but not as part of its file signature. The tool in question has been fixed.

Unfortunately, there is no way to un-revoke the certificate, and so binaries for 3.12.8 and 3.13.1 will remain invalid. As mentioned in the original notification, no other releases used this certificate, and so only the listed versions are impacted. You can refer to Trusted Signing certificate management | Microsoft Learn for more information about how our signing processes work.

In summary, no compromise took place, our certificates and signing processes should still be considered trustworthy, and the issue is now considered closed.

-Python Security Response Team

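The update above explains the root cause: a PyInstaller-packaged program bundled the official, signed Python binaries, so the certificate bytes appeared inside the malicious file even though the file itself carried no valid Authenticode signature, and a scanner that only looked for the certificate treated that as "signed by the PSF". The following is an added example (not code from the PSF, the Security Response Team, or the scanning tool) showing the difference a detection tool must draw at the PE level: whether the PE headers point at a Certificate Table (the `WIN_CERTIFICATE` structure Authenticode uses), versus whether certificate bytes merely occur somewhere in the file. The sample "files" are constructed in-memory PE32+ images, the marker string standing in for certificate bytes is invented, and `build_pe`, `security_directory`, `classify` and `naive_looks_signed` are names chosen here.

```python
"""Telling "contains a certificate" apart from "has an Authenticode signature" at the PE level."""
import struct
from typing import Optional, Tuple

IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # index of the Certificate Table data directory
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # wCertificateType used by Authenticode


def security_directory(pe: bytes) -> Optional[Tuple[int, int]]:
    """Return (file offset, size) of the PE Certificate Table, or None if there is none.

    Only the headers are read; malformed input yields None rather than an exception.
    """
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20
    if size_of_optional == 0 or opt + 2 > len(pe):
        return None
    magic = struct.unpack_from("<H", pe, opt)[0]
    # Data directories start at optional-header offset 96 (PE32) or 112 (PE32+),
    # preceded by the 4-byte NumberOfRvaAndSizes field.
    if magic == 0x10B:
        dd_base, count_off = opt + 96, opt + 92
    elif magic == 0x20B:
        dd_base, count_off = opt + 112, opt + 108
    else:
        return None
    num_dirs = struct.unpack_from("<I", pe, count_off)[0]
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None
    entry = dd_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > len(pe):
        return None
    off, size = struct.unpack_from("<II", pe, entry)  # security entry is a raw file offset, not an RVA
    if off == 0 or size == 0 or off + size > len(pe):
        return None
    return off, size


def naive_looks_signed(pe: bytes, cert_marker: bytes) -> bool:
    """The mistaken heuristic: 'the certificate bytes are in the file, so it is signed'."""
    return cert_marker in pe


def classify(pe: bytes, cert_marker: bytes) -> str:
    """Describe how certificate bytes relate to the file's signature structure."""
    sec = security_directory(pe)
    if sec is not None:
        off, size = sec
        # WIN_CERTIFICATE header: dwLength (4), wRevision (2), wCertificateType (2), then bCertificate.
        length, _revision, cert_type = struct.unpack_from("<IHH", pe, off)
        if cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA and length <= size and cert_marker in pe[off:off + size]:
            return "signature-present"  # structure is there; the OS must still verify it cryptographically
        return "signature-directory-malformed"
    if cert_marker in pe:
        return "certificate-embedded-only"  # e.g. a signed binary bundled inside another program's payload
    return "unsigned"


def build_pe(payload: bytes, cert_blob: Optional[bytes]) -> bytes:
    """Construct a minimal, non-executable PE32+ image for demonstration (constructed test data).

    Headers are just enough for the parser; `payload` follows them, and if `cert_blob` is given a
    WIN_CERTIFICATE wrapping it is appended and referenced from the Certificate Table entry.
    """
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 112 + 16 * 8  # PE32+ fixed fields plus 16 data directories
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, opt_size, 0x22)
    headers_len = e_lfanew + 4 + 20 + opt_size
    wincert = b""
    sec_off = sec_size = 0
    if cert_blob is not None:
        wincert = struct.pack("<IHH", 8 + len(cert_blob), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + cert_blob
        sec_off, sec_size = headers_len + len(payload), len(wincert)
    dirs = [(0, 0)] * 16
    dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (sec_off, sec_size)
    opt = struct.pack("<H", 0x20B) + b"\0" * (108 - 2) + struct.pack("<I", 16)
    opt += b"".join(struct.pack("<II", o, s) for o, s in dirs)
    return dos + b"PE\0\0" + coff + opt + payload + wincert


# Constructed samples. CERT_MARKER is an invented stand-in for the signer's certificate bytes.
CERT_MARKER = b"CN=Python Software Foundation"
signed = build_pe(b"\x90" * 64, b"PKCS7:" + CERT_MARKER)            # a properly structured signed file
bundled = build_pe(b"\xcc" * 16 + signed + b"\xcc" * 16, None)        # that file bundled inside an unsigned one
plain = build_pe(b"\x90" * 64, None)                                  # nothing certificate-related at all

if __name__ == "__main__":
    for name, sample in (("signed", signed), ("bundled", bundled), ("plain", plain)):
        print(f"{name:8s} naive={naive_looks_signed(sample, CERT_MARKER)!s:5s} actual={classify(sample, CERT_MARKER)}")
```

The `bundled` sample is the shape of the incident: the string search says "signed", while the PE headers show no Certificate Table at all. Even `signature-present` is only a structural result; the authoritative check is a cryptographic verification that also consults revocation, for example `Get-AuthenticodeSignature` on Windows or `osslsigncode verify` on other platforms, which is what the fixed scanning tool has to rely on rather than the mere presence of certificate bytes.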