by boco » 30.09.2017, 04:30
Technically, no problem*. But someone would have to pay for the signing certificates, as they are very expensive.
Note that Microsoft's updates are all signed.
*Do you know about the CCleaner disaster that happened recently? A malware, residing inside a correctly signed executable from a trusted publisher. In other words, a signed file does NOT mean it is malware-free, not in the least. Actually, it's worse, as many AV scanners skip correctly signed (and thus trusted) files.
Microsoft update catalog: http://catalog.update.microsoft.com/v7/site/
Windows Install media download: https://support.microsoft.com/en-us/help/15088/windows-create-installation-media