Make a Lasting Impression

Home away from home
2007/12/4 9:00
Posts: 1199
Some interesting developments re. the Flame malware (MP3, 44MB) recently covered on the Security Now podcast. For a start, it now seems to be produced out of the same shop that brought you Stuxnet (ie. it would seem to be government sponsored). And how is this for nasty:

* Has a forged (but valid) certificate from Microsoft.
* Installs itself as a proxy / man in the middle against Windows Update service.
* Signs its own malicious components, using the forged Microsoft certificate and hands them off as updates.

Microsoft has reacted by introducing automatic updates to their list of untrusted/revoked certificates, creating a certificate specifically for signing updates to the Windows Update client, no longer allowing windows update to operate via a proxy, and has given advance notice that they are going to kill ALL certificates using 1024 bit keys or less, whether you like it or not.

When governments break their own laws, it seriously makes me not want to pay tax.

Posted on: 2012/6/20 23:47
Transfer the post to other applications Transfer

You can view topic.
You cannot start a new topic.
You cannot reply to posts.
You cannot edit your posts.
You cannot delete your posts.
You cannot add new polls.
You cannot vote in polls.
You cannot attach files to posts.
You cannot post without approval.

[Advanced Search]