Valid HTML 4.01 Transitional Valid CSS Valid SVG 1.0

Me, myself & IT

cURL binary executables for Windows® NT

cURL logo Binary executables of cURL for the I386 alias x86, AMD64 alias x64 and IA64 processor architectures of Microsoft® Windows NT, built with the platform SDK for Windows Server 2003 R2 for use on Windows 2000 and newer versions of Windows NT, using SChannel alias WinSSL and zlib.
X:\> i386\curl.exe -V
curl 7.53.1 (i386-pc-win32) libcurl/7.53.1 WinSSL zlib/1.2.11
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL libz

X:\> i386\libcurl.exe -V
curl 7.53.1 (i386-pc-win32) libcurl/7.53.1 WinSSL zlib/1.2.11
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL libz

X:\> amd64\curl.exe -V
curl 7.53.1 (x86_64-pc-win32) libcurl/7.53.1 WinSSL zlib/1.2.11
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL libz

X:\> amd64\libcurl.exe -V
curl 7.53.1 (x86_64-pc-win32) libcurl/7.53.1 WinSSL zlib/1.2.11
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL libz

X:\>
Note: unlike other binary executables for Windows they show the official cURL logo as icon, and contain an embedded application manifest to protect against DLL redirection on Windows XP and newer versions of Windows NT as well as DLL spoofing alias DLL preloading, directory poisoning, binary planting, DLL hijacking and DLL side-loading on Windows 7 and newer versions of Windows NT!
Caveat: the statements
There is nothing we can do to prevent against this.
[…]
There is nothing we can do to fix this, it is endemic in the design of Windows.
in cURL's security advisory from May 30, 2016 are outright wrong!

Download

The binary executables and some text files are packaged in the (compressed and digitally signed) cabinet file curl-7.53.1.cab:
X:\> extract.exe /D curl-7.53.1.cab
Microsoft (R) Cabinet Extraction Tool - Version 5.1.2600.5512
Copyright (c) Microsoft Corporation. All rights reserved..

 Cabinet curl-7.53.1.cab

02-21-2017  8:09:14a A---        69,464 CURL.FAQ
02-21-2017  8:09:14a A---         1,110 CURL.LIC
11-07-2016 10:18:18a A---        39,899 CURL.MAN
02-24-2017  8:49:08a A---         1,421 CURL.REL
11-07-2016 10:18:18a A---         1,659 CURL.TXT
02-24-2017  8:11:42p A---       884,808 AMD64\CURL.EXE
02-24-2017  8:11:42p A---       555,080 AMD64\LIBCURL.DLL
02-24-2017  8:11:42p A---       461,896 AMD64\LIBCURL.EXE
02-24-2017  7:46:00p A---        14,078 AMD64\LIBCURL.LIB
02-24-2017  8:11:42p A---       752,200 I386\CURL.EXE
02-24-2017  8:11:42p A---       473,672 I386\LIBCURL.DLL
02-24-2017  8:11:44p A---       432,712 I386\LIBCURL.EXE
02-24-2017  7:53:24p A---        14,380 I386\LIBCURL.LIB
02-24-2017  8:11:44p A---     1,572,424 IA64\CURL.EXE
02-24-2017  8:11:42p A---     1,143,368 IA64\LIBCURL.DLL
02-24-2017  8:11:44p A---       684,104 IA64\LIBCURL.EXE
02-24-2017  7:32:06p A---        16,644 IA64\LIBCURL.LIB
                17 Files      7,118,919 bytes

X:\>
Run the command line
"%SystemRoot%\System32\Expand.exe" /R curl-7.53.1.cab /F:* "‹target directory›"
on Windows Vista and newer versions of Windows NT to extract all files into the specified directory, preserving their paths.
Note: Expand.exe from prior versions of Windows NT ignore the paths and junk them!
Use Extract.exe from the Support Tools on Windows XP and Windows Server 2003 instead.

Code authenticity and integrity

The binary executables as well as the cabinet file curl-7.53.1.cab are digitally signed using an X.509 certificate issued by WEB.DE TrustCenter E-Mail Certification Authority.
Serial number
73633199
0x04638daf
Fingerprint
MD5: 25 a0 d6 b0 bc 37 fe 49 42 d1 64 ca e6 7a f5 7f
SHA-1: 47 79 b5 28 f0 84 e6 ce f8 77 7b 62 dc c4 b3 1f fe de 07 14
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAxSwxNrFPXXn6y5Abl+0pH7faIK0xVAh70reOBrwSykab/0kIwz0QJldXNTLl
ZaSb4T7A5il2oqhiHUS53owsguXrDaJ+l+iTuCR/NrOVBJ0Xi+1Kv+ni/jb3cLvTS/BQJtFm
fVW3HHtYrQQcYCpd/AVzg1k2p46BEbGfFpjfFREdM589UDSzaiIOWSEBec8RI3HVqIMiG2qL
seuQot9shOcNcV2Y2AgTKHBUrWz10kbCWf8g5QA2hjmSMRvRtBOovCgvSF0nDFk4Odrn9nLB
PVq763s2vh/riO9cheTeg4N/ldbnAywdjLAwwJ1qynh2p/s/V5cnsoav7SZRGDyAoQIDAQAB
-----END RSA PUBLIC KEY-----
Download and install the CA and root X.509 certificates of WEB.DE to validate and verify the digital signature.

Note: the digital signature remains valid past the certificates expiration date due to its counter signature alias timestamp!

Installation

Download the package curl-7.53.1.cab and verify its digital signature, then open it in Windows Explorer and extract its contents into a directory of your choice.
Note: be sure to select the binary executables that match the processor architecture of your machine (as shown in the Path column of the Details view)!

Deinstallation

Remove the extracted contents.

Contact

If you miss anything here, have additions, comments, corrections, criticism or questions, want to give feedback, hints or tipps, report broken links, bugs, errors, inaccuracies, omissions, vulnerabilities or weaknesses, …:
don't hesitate to contact me and feel free to ask, comment, criticise, flame, notify or report!

Use the X.509 certificate to send S/MIME encrypted mail.

Notes: I dislike HTML (and even weirder formats too) in email, I prefer to receive plain text.
I also expect to see a full (real) name as sender, not a nickname!
Emails in weird formats and without a proper sender name are likely to be discarded.
I abhor top posts and expect inline quotes in replies.

Terms and conditions

By using this site, you signify your agreement to these terms and conditions. If you do not agree to these terms and conditions, do not use this site!
Copyright © 2005-2017 • Stefan Kanthak • <‍skanthak‍@‍nexgo‍.‍de‍>