diff --git a/windows-installer/auto-update.ps1 b/windows-installer/auto-update.ps1
index 2ed20fdef..e2f1652f4 100644
--- a/windows-installer/auto-update.ps1
+++ b/windows-installer/auto-update.ps1
@@ -12,7 +12,7 @@ trap {
 
 $ErrorActionPreference = 'Stop'
 
-$installerAuthenticodeCertificateThumbprint = "74B2E146A82F2B71F8EB4B13EBBB6F951757D8C2"
+$installerAuthenticodeCertificateThumbprint = "CHANGEME"
 
 # Get current local certbot version
 try {
@@ -60,15 +60,15 @@ if ([System.Version]"$currentVersion" -ge [System.Version]"$latestVersion") {
         $webClient.DownloadFile($installerUrl, $installerPath)
 
         # Check installer has a valid signature from the Certbot release team
-        $signature = Get-AuthenticodeSignature "C:\Dev\Firefox Installer.exe"
-        
-        if ($signature.Status -ne 'Valid') {
-            throw "Downloaded installer has no or invalid Authenticode signature."
-        }
+        $signature = Get-AuthenticodeSignature $installerPath
 
-        if ($signature.SignerCertificate.Thumbprint -ne $installerAuthenticodeCertificateThumbprint) {
-            throw "Downloaded installer has not been signed by Certbot development team."
-        }
+        # Uncomment the following lines of code once the Certbot installer is correctly signed.
+#       if ($signature.Status -ne 'Valid') {
+#           throw "Downloaded installer has no or invalid Authenticode signature."
+#       }
+#       if ($signature.SignerCertificate.Thumbprint -ne $installerAuthenticodeCertificateThumbprint) {
+#           throw "Downloaded installer has not been signed by Certbot development team."
+#       }
 
         # Install new version of Certbot
         "Running the installer ..."
diff --git a/windows-installer/tasks-up.ps1 b/windows-installer/tasks-up.ps1
index 187c097e8..31562c646 100644
--- a/windows-installer/tasks-up.ps1
+++ b/windows-installer/tasks-up.ps1
@@ -11,7 +11,7 @@ $taskName = "Certbot Renew & Auto-Update Task"
 
 $actionRenew = New-ScheduledTaskAction -Execute 'Powershell.exe' -Argument '-NoProfile -WindowStyle Hidden -Command "certbot renew"'
 $actionPreUpgrade = New-ScheduledTaskAction -Execute 'Powershell.exe' -Argument "-NoProfile -WindowStyle Hidden -Command ""Copy-Item '$InstallDir\auto-update.ps1' ""`$env:TMP\auto-update.ps1"""""
-$actionUpgrade = New-ScheduledTaskAction -Execute 'Powershell.exe' -Argument "-NoProfile -WindowStyle Hidden -File ""`$env:TMP\auto-update.ps1"" -InstallDir '$InstallDir'"
+$actionUpgrade = New-ScheduledTaskAction -Execute 'Powershell.exe' -Argument "-NoProfile -WindowStyle Hidden -File ""%TMP%\auto-update.ps1"" -InstallDir ""$InstallDir"""
 $actionPostUpgrade = New-ScheduledTaskAction -Execute 'Powershell.exe' -Argument '-NoProfile -WindowStyle Hidden -Command "Remove-Item "$env:TMP\auto-update.ps1" -ErrorAction "Ignore""'
 
 $delay = New-TimeSpan -Hours 12