diff --git a/Tools/set_LargeAddressAware.ps1 b/Tools/set_LargeAddressAware.ps1
index ba785aea..62d3f0db 100644
--- a/Tools/set_LargeAddressAware.ps1
+++ b/Tools/set_LargeAddressAware.ps1
@@ -14,11 +14,7 @@ Write-Output "===== Beginning $($PSCmdlet.MyInvocation.MyCommand) ====="
 $path_editBin = @((Resolve-Path -Path "C:\Program Files*\Microsoft Visual Studio*\VC\bin\editbin.exe").Path)[0]
 
 # Verify editbin certificate
-$microsoft_cert_thumbprint = "3BDA323E552DB1FDE5F4FBEE75D6D5B2B187EEDC"
-$editbin_signature = Get-AuthenticodeSignature -FilePath $path_editBin
-if (($editbin_signature.Status -ne "Valid") -or ($editbin_signature.SignerCertificate.Thumbprint -ne $microsoft_cert_thumbprint)) {
-    Write-Error "Could not validate the signature of editbin.exe - we can not set LargeAddressAware" -ErrorAction Stop
-}
+& "$PSScriptRoot\validate_microsoft_tool.ps1" -Path $path_editBin
 
 
 $path_outputExe = Join-Path -Path $TargetDir -ChildPath $TargetFileName
diff --git a/Tools/validate_microsoft_tool.ps1 b/Tools/validate_microsoft_tool.ps1
new file mode 100644
index 00000000..a5ba7b12
--- /dev/null
+++ b/Tools/validate_microsoft_tool.ps1
@@ -0,0 +1,15 @@
+param (
+    # Full path to the Microsoft executable to validate
+    $Path
+)
+
+$valid_microsoft_cert_thumbprints = @("3BDA323E552DB1FDE5F4FBEE75D6D5B2B187EEDC", "108E2BA23632620C427C570B6D9DB51AC31387FE")
+$exe_signature = Get-AuthenticodeSignature -FilePath $Path
+$baseErrorMsg = "Could not validate the certificate of $Path. "
+
+if ($exe_signature.Status -ne "Valid") {
+    Write-Error -Message ($baseErrorMsg+"The signature was invalid.") -ErrorAction Stop
+}
+elseif ($valid_microsoft_cert_thumbprints -notcontains $exe_signature.SignerCertificate.Thumbprint) {
+    Write-Error -Message ($baseErrorMsg+"The certificate thumbprint ($($exe_signature.SignerCertificate.Thumbprint)) is not trusted.") -ErrorAction Stop
+}
\ No newline at end of file