Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
September 28, 2012 01:05 am

Adobe Revoking Code Signing Certificate Used To Sign Malware


wiredmikey writes "Adobe said Thursday that will be revoking a code signing certificate next week after discovering two pieces of malware that had been digitally signed with Adobe's credentials.Two malicious utilities, pwdump7 v7.1 and myGeeksmail.dll, both came from the same source and were signed with valid Adobe digital certificates, Adobe's Brad Arkin said.Adobe plans to revoke the impacted certificate on Oct. 4. After initial investigation, the company identified a compromised build server which had been used to access the code signing infrastructure, Brad Arkin wrote in a blog post. The build server did not have rights to any public key infrastructure functions other than the ability to issue requests to the signing service and did not have access to any Adobe products such as Flash Player, Adobe Reader, Shockwave Player, or Adobe AIR, Arkin said.According to Adobe, most customers won't notice anything out of the ordinary during the certificate revocation process, but some IT administrators may have to take some actions in response."

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/MRmWiSSEUiA/adobe-revoking-code-signing-certificate-used-to-sign-malware

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot