In 2012 we found, reported and published a problem with Authenticode signatures on PE executable files. This problem allowed an attacker to modify the content and behavior of many signed files without invalidating their digital signature; the issue got labeled as MS12-024. The fix that Microsoft released for that vulnerability was only partial, blacklisting specific content known or likely to be exploitable. However, it was obvious that new vulnerable file formats may appear at any time; the vulnerability is a design problem and cannot be fully fixed. Almost two years later, Microsoft released a stronger patch – known as MS13-098. It does not look for a specific content inside the digital signature, it tries to prevent any appending in a generic way. Since some companies actually perform post-signing modifications of their executables – especially installers – without any malicious intent, the patch will definitely cause some compatibility issues. That is probably the reason why the real effect of the patch has been postponed six months after its release, and later delayed even further (as of now, to August 12, 2014). In this talk we would like to show the progress of this issue over the past two years. We will explain what the new patch does from the technical point of view and how it affects the vulnerability, compared to the previous one. We will present statistical data (extracted from our sample collection) related to post-signing modifications of executable files to see what signatures get invalidated. If the patch is already active at the time the talk is given, we will try to show how the affected parties responded to the change. We will discuss the implications of the change for antivirus software (such as the Taggant project).