diff --git a/ports/uthenticode/openssl.patch b/ports/uthenticode/openssl.patch
index e447c1fade..685f5d6be7 100644
--- a/ports/uthenticode/openssl.patch
+++ b/ports/uthenticode/openssl.patch
@@ -1,5 +1,5 @@
 diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
-index 75b82ee..47bed29 100644
+index 90f871d..8fd64b2 100644
 --- a/src/CMakeLists.txt
 +++ b/src/CMakeLists.txt
 @@ -3,11 +3,7 @@ cmake_minimum_required(VERSION 3.10 FATAL_ERROR)
@@ -7,7 +7,7 @@ index 75b82ee..47bed29 100644
  
  find_package(pe-parse REQUIRED)
 -find_package(
--  OpenSSL 1.1
+-  OpenSSL 3.0
 -  COMPONENTS Crypto
 -  REQUIRED
 -)
@@ -15,9 +15,9 @@ index 75b82ee..47bed29 100644
  
  add_library("${PROJECT_NAME}" uthenticode.cpp)
  
-@@ -38,7 +34,7 @@ else ()
-   target_link_libraries("${PROJECT_NAME}" PUBLIC pe-parse::pe-parser-library)
- endif ()
+@@ -32,7 +28,7 @@ set_target_properties("${PROJECT_NAME}" PROPERTIES PUBLIC_HEADER "include/uthent
+ 
+ target_link_libraries("${PROJECT_NAME}" PUBLIC pe-parse::pe-parse)
  
 -target_link_libraries("${PROJECT_NAME}" PUBLIC OpenSSL::Crypto)
 +target_link_libraries("${PROJECT_NAME}" PUBLIC OpenSSL::SSL OpenSSL::Crypto)
@@ -25,7 +25,7 @@ index 75b82ee..47bed29 100644
  install(
    TARGETS "${PROJECT_NAME}"
 diff --git a/src/include/uthenticode.h b/src/include/uthenticode.h
-index 8422cc3..938d8b8 100644
+index 223d662..07e5bc3 100644
 --- a/src/include/uthenticode.h
 +++ b/src/include/uthenticode.h
 @@ -48,6 +48,7 @@ DECLARE_ASN1_FUNCTIONS(Authenticode_SpcIndirectDataContent)
@@ -34,39 +34,5 @@ index 8422cc3..938d8b8 100644
  void OpenSSL_free(void *ptr);
 +void SK_X509_free(stack_st_X509 *ptr);
  
- /* Convenient self-releasing aliases for libcrypto and custom ASN.1 types.
-  */
-@@ -56,7 +57,7 @@ using ASN1_OBJECT_ptr = std::unique_ptr<ASN1_OBJECT, decltype(&ASN1_OBJECT_free)
- using ASN1_TYPE_ptr = std::unique_ptr<ASN1_TYPE, decltype(&ASN1_TYPE_free)>;
- using OpenSSL_ptr = std::unique_ptr<char, decltype(&OpenSSL_free)>;
- using BN_ptr = std::unique_ptr<BIGNUM, decltype(&BN_free)>;
--using STACK_OF_X509_ptr = std::unique_ptr<STACK_OF(X509), decltype(&sk_X509_free)>;
-+using STACK_OF_X509_ptr = std::unique_ptr<STACK_OF(X509), decltype(&SK_X509_free)>;
- 
- using SectionList = std::vector<const peparse::bounded_buffer *>;
- 
-diff --git a/src/uthenticode.cpp b/src/uthenticode.cpp
-index b1be0bc..7043589 100644
---- a/src/uthenticode.cpp
-+++ b/src/uthenticode.cpp
-@@ -39,6 +39,11 @@ IMPLEMENT_ASN1_FUNCTIONS(Authenticode_SpcIndirectDataContent)
- void OpenSSL_free(void *ptr) {
-   OPENSSL_free(ptr);
- }
-+
-+void SK_X509_free(stack_st_X509 *ptr) {
-+  sk_X509_free(ptr);
-+}
-+
- // clang-format on
- }  // namespace impl
- 
-@@ -252,7 +257,7 @@ std::vector<Certificate> SignedData::get_signers() const {
-   if (signers_stack_ptr == nullptr) {
-     return {};
-   }
--  auto signers_stack = impl::STACK_OF_X509_ptr(signers_stack_ptr, sk_X509_free);
-+  auto signers_stack = impl::STACK_OF_X509_ptr(signers_stack_ptr, impl::SK_X509_free);
- 
-   std::vector<Certificate> signers;
-   for (auto i = 0; i < sk_X509_num(signers_stack.get()); ++i) {
+ /* Since OpenSSL 3.0.0 SK_X509_free is defined as a macro, which we can't use with decltype.
+  * So we wrap it here for use with unique_ptr.
diff --git a/ports/uthenticode/portfile.cmake b/ports/uthenticode/portfile.cmake
index 74a6a29575..b52f671d50 100644
--- a/ports/uthenticode/portfile.cmake
+++ b/ports/uthenticode/portfile.cmake
@@ -1,8 +1,8 @@
 vcpkg_from_github(
     OUT_SOURCE_PATH SOURCE_PATH
     REPO trailofbits/uthenticode
-    REF v1.0.6
-    SHA512 6C9C4DD9E1FE7C329E10BC39E41927C8B82DD004275A88385C691AD85EF4079EBE2922083D5252019B8B25CC540F48E544B42B8178F256AE987D6B677713B063
+    REF "v${VERSION}"
+    SHA512 447c1edd2fcd7ba6e960ef5caf32f2b0b9b8bd6b83e5ec02313ff6ae2063bc37a4c250cfdcd57d0717ba93f783c4c8390280edd54a2f63f53c4185faeab6610a
     HEAD_REF master
     PATCHES
         openssl.patch
diff --git a/ports/uthenticode/vcpkg.json b/ports/uthenticode/vcpkg.json
index 13ece8b48f..2909c57b7d 100644
--- a/ports/uthenticode/vcpkg.json
+++ b/ports/uthenticode/vcpkg.json
@@ -1,7 +1,6 @@
 {
   "name": "uthenticode",
-  "version": "1.0.6",
-  "port-version": 2,
+  "version": "2.0.1",
   "description": "A cross-platform library for verifying Authenticode signatures",
   "homepage": "https://github.com/trailofbits/uthenticode",
   "supports": "!uwp",
diff --git a/versions/baseline.json b/versions/baseline.json
index a7b0d190b8..0eb0daef63 100644
--- a/versions/baseline.json
+++ b/versions/baseline.json
@@ -8957,8 +8957,8 @@
       "port-version": 0
     },
     "uthenticode": {
-      "baseline": "1.0.6",
-      "port-version": 2
+      "baseline": "2.0.1",
+      "port-version": 0
     },
     "uvatlas": {
       "baseline": "2024-02-21",
diff --git a/versions/u-/uthenticode.json b/versions/u-/uthenticode.json
index f33c0b6cfb..e2450c8a7d 100644
--- a/versions/u-/uthenticode.json
+++ b/versions/u-/uthenticode.json
@@ -1,5 +1,10 @@
 {
   "versions": [
+    {
+      "git-tree": "16dd1d0663a34c0dba62df07527311c14737c42e",
+      "version": "2.0.1",
+      "port-version": 0
+    },
     {
       "git-tree": "673c5ea6d0982481405bbe54c1e993f696d29d23",
       "version": "1.0.6",