Microsoft Edge Try Microsoft Edge A fast and secure browser that's designed for Windows 10 Get started

Skip to main content
Microsoft
Microsoft Support
  • Office
  • Windows
  • Surface
  • Xbox
  • Deals
  • Support
      • Windows apps
      • OneDrive
      • Outlook
      • Skype
      • OneNote
      • PCs & tablets
      • Accessories
      • VR & mixed reality
      • Microsoft HoloLens
      • Xbox games
      • PC games
      • Windows digital games
      • Movies & TV
      • Books
      • Microsoft Azure
      • Microsoft Dynamics 365
      • Microsoft 365
      • Cloud platform
      • Enterprise
      • Data platform
      • .NET
      • Visual Studio
      • Windows Dev Center
      • Docs
      • Microsoft Store
      • Free downloads & security
      • Education
      • Store locations
      • Gift cards
    • View all
    0
    Sign in
    Microsoft Support

    "0x800700C1: not a valid Win32 application" error when you create an AppLocker hash rule for a file in Windows 8, Windows Server 2012, Windows 7, or Windows Server 2008 R2

    Content provided by Microsoft

    Content provided by Microsoft

    Applies to: Windows 7 EnterpriseWindows 7 UltimateWindows 7 ProfessionalWindows Server 2008 R2 StandardWindows Server 2008 R2 EnterpriseWindows Server 2008 R2 DatacenterWindows Server 2008 R2 FoundationWindows 8 EnterpriseWindows 8 ProWindows Server 2012 DatacenterWindows Server 2012 DatacenterWindows Server 2012 EssentialsWindows Server 2012 FoundationWindows Server 2012 FoundationWindows Server 2012 StandardWindows Server 2012 Standard More


    Symptoms


    Assume that you try to create an AppLocker hash rule for a file on a computer that is running one of the following operating systems:
    • Windows 8
    • Windows Server 2012
    • Windows 7 that has security update MS12-024 installed
    • Windows Server 2008 R2 that has security update MS12-024 installed
    However, you cannot create the rule, and you receive the following error message:
    0x800700C1: not a valid Win32 application

    Cause


    This issue occurs because the Windows Authenticode Signature Verification function now verifies portable executable (PE) files. PE files are considered unsigned if one of the following conditions is true:
    • Windows can identify content that does not comply with the Authenticode specification in the file. This condition applies to some third-party installers.
    • Additional content was added to the file after the signature was applied.
    AppLocker hash rules for PE files are based on the SHA2 Authenticode hash of the file. If a PE file meets either of the two conditions that were mentioned earlier, the Authenticode hash of the file is not trusted. AppLocker cannot process the Authenticode hash of such files. Therefore, you cannot create Publisher or Hash rules for such files.

    Resolution


    Files that have contents that do not comply with Windows Authenticode specifications or files that were changed after the signature was applied can be harmful for your computer. Therefore, we recommend that you replace such files by using the files that comply with the Windows security requirements. To do this, you may have to work with the original software author to publish a new file that complies with the requirements.

    If you decide to continue working with such files, you can create AppLocker path-based rules to control these files.

    More Information


    On Windows 8 and Windows Server 2012-based computers, or on Windows 7 and Windows Server 2008 R2-based computers that have security update MS12-024 installed, you cannot create a hash or a publisher rule for unsigned files. You can only create path-based rules for such files. Additionally, if your AppLocker policy contains a hash or publisher rule that is based on such a file, that rule no longer works for that file. The following AppLocker policy is an example of this behavior:
    <AppLockerPolicy Version="1">
    <RuleCollection Type="Exe" EnforcementMode="Enforced">
    <FileHashRule Action="Allow" UserOrGroupSid="S-1-1-0" Description="" Name="Allow Calculator" Id="7509591f-7552-4ed0-ac56-7b727cd1f9cf">
    <Conditions>
    <FileHashCondition>
    <FileHash Type="SHA256" SourceFileLength="53344" SourceFileName="calculator.exe" Data="0x2E8950C38FE3DD02D9F9A012BA9481E7E4704838BB5208E3F7086B6935520A93"/>
    </FileHashCondition>
    </Conditions>
    </FileHashRule>
    <FilePublisherRule Id="a3ab2d94-c20d-4039-8f2b-6caaff04e816" Name="Deny Contoso" Description="Deny Games" UserOrGroupSid="S-1-1-0" Action="Deny">
    <Conditions>
    <FilePublisherCondition PublisherName="Contoso" ProductName="Attack of Zombies" BinaryName="*">
    <BinaryVersionRange LowSection="*" HighSection="*" />
    </FilePublisherCondition>
    </Conditions>
    </FilePublisherRule>
    …
    …
    </AppLockerPolicy>
    In this example, the AppLocker policy has two rules. The first rule ("Allow Calculator") is a hash rule that allows Calculator.exe to run. The second rule ("Deny Contoso") is a publisher rule that blocks any file that belongs to the Attack of Zombies game that is published by Contoso. As both Calculator.exe and Zombies.exe both meet one of the two conditions that were mentioned earlier, Windows Authenticode Signature verification fails. Before you apply MS12-024, Calculator.exe is allowed by the "Allow Calculator" rule, and Zombies.exe is blocked by the "Deny Contoso" rule. However, after you apply MS12-024, AppLocker cannot process the SHA2 Authenticode hash for Calculator.exe and considers Zombies.exe as an unsigned file. Therefore, neither of the rules is triggered, and unexpected behavior occurs.

    References


    For more information about security bulletin MS12-024, go to the following Microsoft TechNet website:
    Microsoft security bulletin MS12-024
    For more information about the Windows Authenticode Portable Executable file signature format, go to the following MSDN website:
    General information about the Windows Authenticode Portable Executable file signature format

    Last Updated: Apr 19, 2018
    • Email
    • Print
    Thanks! Your feedback will help us improve the support experience.

    What's new

    • Surface Book 2
    • Surface Pro
    • Xbox One X
    • Xbox One S
    • VR & mixed reality
    • Windows 10 apps
    • Office apps

    Store & Support

    • Account profile
    • Download Center
    • Sales & support
    • Returns
    • Order tracking
    • Store locations
    • Support
    • Buy online, pick up in store

    Education

    • Microsoft in education
    • Office for students
    • Office 365 for schools
    • Deals for students & parents
    • Microsoft Azure in education

    Enterprise

    • Microsoft Azure
    • Enterprise
    • Data platform
    • Find a solutions provider
    • Microsoft partner resources
    • Microsoft AppSource
    • Manufacturing & resources
    • Financial services

    Developer

    • Microsoft Visual Studio
    • Windows Dev Center
    • Developer Network
    • TechNet
    • Microsoft Virtual Academy
    • Microsoft developer program
    • Channel 9
    • Office Dev Center

    Company

    • Careers
    • About Microsoft
    • Company news
    • Privacy at Microsoft
    • Investors
    • Diversity and inclusion
    • Accessibility
    • Security
    English (United States)
    • Terms of use
    • Privacy & cookies
    • Trademarks
    • © Microsoft 2018
    This site in other countries/regions
    Algérie - Français
    Argentina - Español
    Australia - English
    Belgique - Français
    België - Nederlands
    Bolivia - Español
    Bosna i Hercegovina - Hrvatski
    Brasil - Português
    Canada - English
    Canada - Français
    Chile - Español
    Colombia - Español
    Costa Rica - Español
    Crna Gora - Srpski
    Danmark - Dansk
    Deutschland - Deutsch
    Dominican Republic - Español
    Ecuador - Español
    Eesti - Eesti
    El Salvador - Español
    España - Español
    Estados Unidos - Español
    France - Français
    Guatemala - Español
    Hong Kong SAR - English
    Hrvatska - Hrvatski
    India - English
    Indonesia (Bahasa) - Bahasa
    Ireland - English
    Italia - Italiano
    Latvija - Latviešu
    Lietuva - Lietuvių
    Luxembourg - Français
    Magyarország - Magyar
    Malaysia - English
    Maroc - Français
    México - Español
    Nederland - Nederlands
    New Zealand - English
    Norge - Bokmål
    Panamá - Español
    Paraguay - Español
    Perú - Español
    Philippines - English
    Polska - Polski
    Portugal - Português
    Puerto Rico - Español
    România - Română
    Schweiz - Deutsch
    Singapore - English
    Slovenija - Slovenščina
    Slovensko - Slovenčina
    South Africa - English
    Srbija - Srpski
    Suisse - Français
    Suomi - Suomi
    Sverige - Svenska
    Tunisie - Français
    Türkiye - Türkçe
    United Kingdom - English
    United States - English
    Uruguay - Español
    Venezuela - Español
    Việt Nam - Tiếng việt
    Ísland - Íslenska
    Österreich - Deutsch
    Česká Republika - Čeština
    Ελλάδα - Ελληνικά
    България - Български
    Казахстан - Русский
    Россия - Русский
    Україна - Українська
    ישראל - עברית
    الإمارات العربية المتحدة - العربية
    المملكة العربية السعودية - العربية
    مصر - العربية
    भारत - हिंदी
    ไทย - ไทย
    中国 - 简体中文
    台灣 - 繁體中文
    日本 - 日本語
    香港特別行政區 - 繁體中文
    대한민국 - 한국어