Electron-builder: [electron-updater] Update is installed even though signature verification fails

• Version:
  electron-builder: 22.3.5
  electron-updater: 4.2.4

• Target: Windows (NSIS)

dead150 is only a partial fix for the signature verification bypass issue recently disclosed by Doyensec. While it is no longer possible to trigger the parse errors with single or double quotes as of dead150, there are other ways to cause them.

From the report:

we believe that other attack payloads for the same vulnerable code path still [exist] in Electron-Builder.

In my opinion, the root cause of the vulnerability lies in the fact that even though signature verification is failing, the update is still installed:
https://github.com/electron-userland/electron-builder/blob/caebf37282a17786cff7c948eeec8fbb21b37a68/packages/electron-updater/src/windowsExecutableCodeSignatureVerifier.ts#L37-L38

https://github.com/electron-userland/electron-builder/blob/caebf37282a17786cff7c948eeec8fbb21b37a68/packages/electron-updater/src/NsisUpdater.ts#L42

So, even though an error is encountered, null is resolved and the update is installed anyway. I opened this issue because I was hoping to start a discussion on the following:

• Is there a reason why we would want the update to be installed despite the fact that signature verification failed (i.e. is there a valid use case for the current behavior)?
• We would prefer that any errors in signature verification cause the update process to abort. Would a PR for the ability to opt-in to stricter signature verification (e.g. strictSignatureVerification: true in the electron-builder config) be accepted?