Microsoft has been taking steps to mitigate the leaked code signing certificate problem.

On the driver side of things, new versions of Windows no longer trust the cross-signed certs, so you must submit your driver to Microsoft to validate and sign, so no private key to go missing. https://techcommunity.microsoft.com/blog/windows-itpro-blog/...

On the regular Authenticode side of things, the new CA/B Forum rules have prohibited storing new private keys outside of hardware modules for a while now, so eventually you won't be able to find a leaked private key for code signing that would still be valid.

That's kind of crazy. Why doesn't Microsoft revoke such certs such that you can't sign new software with it?

[dead]