Comment by numpad0

They can just require hash of legacy binaries sent to Microsoft and rubberstamped back. Eventually they'll have a near comprehensive list of legacy binaries in common use, and move to block unknown binaries in circulation as "malware".