It is a common misconception that signed code is safe to execute. The problem manifests itself when a vulnerability is discovered in signed code. Many users, when prompted with the security dialog, choose to permanently trust the organizations that they consider trustworthy, so they are not notified in the future when they download trusted but potentially vulnerable content signed by such an organization. An adversary may offer them the vulnerable content with the intention of exploiting it.

Consider, for example, signed Java applets. Whenever a certificate is verified to be correct (as opposed to being self-signed or tampered with), widely used platforms confront the user with a security dialog in which the check box option "Always trust the content from the publisher" is selected by default. The dialog asks whether the signed code should be executed. Unfortunately, by default, this setting overrides any future warning dialogs if the user chooses to execute the code with the check box selected. An adversary may take advantage of this mechanism by supplying vulnerable code signed by the trusted organization. In this case, the code will execute without the user's permission and may be freely exploited.
