Results 1 to 3 of 3

Thread: Microsoft Advisory/Update Related to Flame

  1. #1
    Corrine's Avatar
    Corrine is offline Gold Member
    Join Date
    Jan 2009
    Location
    Upstate NY
    Posts
    961

    Default Microsoft Advisory/Update Related to Flame

    Microsoft discovered that some components of the Flame malware have been signed by certificates that allow software to appear as if it was produced by Microsoft. Apparently there is an older cryptography algorithm that could be exploited and used to sign code to make it appear that it originated from Microsoft.



    As a result, Microsoft released Security Advisory 2718704, Unauthorized Digital Certificates Could Allow Spoofing and a security update. The security update revokes the trust of the following intermediate CA certificates:

    • Microsoft Enforced Licensing Intermediate PCA (2 certificates)
    • Microsoft Enforced Licensing Registration Authority CA (SHA1)


    If you do not have automatic updating enabled, the update is available by checking for updates or can be downloaded from Microsoft KB Article 2718704.


    References


  2. #2
    whs's Avatar
    whs
    whs is offline Gold Member
    Join Date
    Oct 2008
    Posts
    1,421

    Default

    Thanks Corrine. You are on top of things as usual.

  3. #3
    Corrine's Avatar
    Corrine is offline Gold Member
    Join Date
    Jan 2009
    Location
    Upstate NY
    Posts
    961

    Default

    I try, whs.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22