Microsoft Fights Flame Malware With Certificate Killer

By | June 15, 2012

Source: Information Week

by  Mathew J. Schwartz

In this article “Flame malware includes a killer feature: It can install whole copies of itself on targeted Windows PCs, using built-in Windows Update functionality. The culprit was the malware’s ability to spoof a Microsoft digital certificate, thus tricking Windows into thinking that the malware code was legitimate.

In response, Microsoft Wednesday released an automatic updater–available for Windows Vista, Windows 7, as well as Windows Server 2008 and 2008 R2–that keeps tabs on a list of known-bad digital certificates, including the one exploited by Flame. “This updater expands on the existing automatic root update mechanism technology that is found in Windows Vista and in Windows 7 to let certificates that are compromised or are untrusted in some way be specifically flagged as untrusted,” according to Microsoft’s related update notes.”

Leave a Reply