The security of your application depends on keeping your private key private. It is imperative that your application project (aup) file be kept secure and private.
In the event that your private key is compromised, your software and your clients are at risk of being maliciously targeted. If you have deployed the AppLife Update Service for elevated permissions, then your client computers are at higher risk because malicious code could execute with permissions higher than those of the logged-in user.
Attackers could use your private key to create a malicious update package. To execute this compromised update package, attackers would need to place this update package in your application’s publish location. With a malicious update signed with your private key and placed in your update location, your update process will discover, retrieve, validate and apply the malicious update package.
Attackers could also bypass your application entirely if they successfully trick your users into executing a Trojan executable. The severity of this scenario increases if the AppLife Update Service has been deployed with your application.
If you suspect that your private key has been compromised, your update location must be secured, preventing an attacker from gaining the ability to add or modify files. A new key pair must also be implemented in your application and your clients must be updated as soon as possible with the new public key.
You must update all versions of your software:
1. Create a backup of your current Make Update project file and archive it.
2. Create a new AppLife Make Update project file.
3. Within your software, modify the public key property of your update controller to match the new Make Update project file public key.
4. If necessary, build your software and then create a new update. If you have deployed the AppLife Update Service, include in this update a Replace Public Key action. In this action, place the new public key that matches your update controller.
5. After publishing the update in step 3, import into your project the new key pair from the new Make Update project file and remove the Replace Public Key action from your update project.
6. Set your Versions to update property to >[Previous Version] and save your project file.
7. No future updates can target versions with the previous public key. These updates will fail validation and not be executed.