Microsoft vs. Flame – Part 2
Two weeks ago a Flame Malware was discovered, and when Microsoft started to investigate it, they found that a malware binaries were digitally sealed by nothing other than Microsoft itself. Upon further analysis it became transparent that a authors of a Flame malware had found a loophole in a signing/verification infrastructure that authorised enemy to pointer binaries as Microsoft.
This is a vital confidence threat, with a categorical worry not unequivocally a Flame malware, though a other malware authors that positively have started to retreat operative a technique. Once they are successful they will use it to pointer their their possess creations and thereby equivocate showing by anti-virus engines and other confidence mechanisms. Microsoft motionless to conflict fast and on Sunday Jun 3, 2012, Microsoft published Security Advisory 2718704 that removes a offending certificates from a internal Windows certificate store, thereby shutting a loophole.
Today Microsoft published a second component and serve tightens Windows Update Security. From now on, a new Windows Update customer usually trusts one newly combined signing certificate for all updates for Windows and Microsoft applications. With a new certificate that uses a newer SHA1 algorithm (rather than a old-fashioned MD5), nobody though Microsoft should be means to pointer destiny updates.
Your Windows workstation will get a new refurbish customer automatically during it subsequent check for updates. It will have be commissioned before removing subsequent Tuesday updates themselves as they will already be sealed with a new certificate.