Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
June 4, 2012 02:05 pm

Microsoft Certificate Was Used To Sign Flame Malware


wiredmikey writes "Microsoft disclosed that 'unauthorized digital certificates derived from a Microsoft Certificate Authority' were used to sign components of the recently discovered Flame malware. 'We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft,' Microsoft Security Response Center's Jonathan Ness wrote in a blog post. Microsoft is also warning that the same techniques could be leveraged by less sophisticated attackers to conduct more widespread attacks. In response to the discovery, Microsoft released a security advisory detailing steps that organizations should take in order block software signed by the unauthorized certificates, and also released an update to automatically protect customers. Also as part of its response effort, Microsoft said its Terminal Server Licensing Service no longer issues certificates that allow code to be signed."

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/JB2W2Bg2WXc/microsoft-certificate-was-used-to-sign-flame-malware

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot