Printed from http://www.electronista.com

Flame signed with Microsoft Root Authority certificates

updated 09:40 pm EDT, Mon June 4, 2012

High priority update and security advisory posted

Earlier today, Microsoft has released a high-priority update and a security advisory after parts of the Flame malware platform were signed with one of the trusted digital certificates linked to the Microsoft Root Authority. The improper use of the certificates could mislead a user, bypass operating system safeguards, and permit the malware tool to be installed. The two intermediate certificate authorities used in the malware have been revoked.

The bulletin doesn't reveal who had access to the certificates, nor does it discuss the possibility that they may have been misused by authorized personnel. "What we found is that certificates issued by our Terminal Services licensing certification authority, which are intended to only be used for license server verification, could also be used to sign code as Microsoft." said the official Microsoft Security Research and Defense blog in regards to the use of the certificate.

Microsoft adds that most anti-virus packages will detect and remove Flame. Furthermore, Flame is a directed tool that won't propagate like a traditional computer virus, so the vast majority of customers are not at risk from the malware. They also conclude, however, that all users should perform the update process to ensure security. Only PCs with Windows installed are vulnerable to the Flame malware package.

Flame was discovered by Kaspersky at the end of May. The malware has possibly been in action since August of 2010. The malware doesn't seek to cause data loss or obtain financial information. Instead, the program logs just about everything possible on an infected system. Once present, it sniffs network traffic, takes screenshots, records audio conversations, logs keystrokes, and so on.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose-built for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena, a ...

Sponsor

toggle

Most Commented

 
toggle

Popular News